[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CA2965445C - Transaction messaging - Google Patents

Transaction messaging Download PDF

Info

Publication number
CA2965445C
CA2965445C CA2965445A CA2965445A CA2965445C CA 2965445 C CA2965445 C CA 2965445C CA 2965445 A CA2965445 A CA 2965445A CA 2965445 A CA2965445 A CA 2965445A CA 2965445 C CA2965445 C CA 2965445C
Authority
CA
Canada
Prior art keywords
transaction
device identifier
transaction device
data
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CA2965445A
Other languages
French (fr)
Other versions
CA2965445A1 (en
Inventor
Brian Sullivan
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Visa Europe Ltd
Original Assignee
Visa Europe Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Visa Europe Ltd filed Critical Visa Europe Ltd
Priority to CA3186475A priority Critical patent/CA3186475A1/en
Publication of CA2965445A1 publication Critical patent/CA2965445A1/en
Application granted granted Critical
Publication of CA2965445C publication Critical patent/CA2965445C/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4012Verifying personal identification numbers [PIN]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3227Aspects of commerce using mobile devices [M-devices] using secure elements embedded in M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/385Payment protocols; Details thereof using an alias or single-use codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)
  • Storage Device Security (AREA)

Abstract

There is described a method for transmitting a transaction message from a transaction device having a transaction device identifier. The method involves encrypting, at a transaction device, a transaction device identifier, generating, at the transaction device, a transaction message for a transaction system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, and sending the transaction message to a transaction processing system. The generation of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device and providing the encrypted transaction device identifier in the second data field of the transaction message.

Description

Transaction Messaging Field of the Invention The present invention relates to systems and methods for transmitting and processing transaction messages, and in particular to systems and methods useable for sending transaction messages where an identifier is encrypted.
Background Smart devices, such as smart cards, access cards, financial instruments such as payment cards, fobs and most recently mobile telephones and other portable electronic devices are increasingly being used to effect transactions. A transaction may involve a number of functions. In a simple form, a user in possession of a suitable smart device may be granted access through a security door. Alternatively, or in addition, such a user may be able to make payments for goods and services, or to use the smart device in ticketing for access to public transport or an event.
A suitable smart device has a processor and a memory. These may be combined in a secure element, which is a piece of tamper resistant hardware which can only be communicated with in a limited fashion.
In use, the smart device is presented to a terminal of a transaction processing system, for example a door lock, a point of sale device or a ticket barrier.
The smart device communicates with the terminal. This communication may be contactless for example using near field communications (NFC), or through contact between the device and the terminal. The smart device may communicate solely with the terminal;
however more often data provided by the smart device is transmitted through the transaction processing system to a suitable recipient. This recipient authenticates the smart device and may respond, for example by commanding the terminal to open a door or barrier, or by providing data to the smart device.
To enable a smart device to be used in this manner, the smart device is provided with a device identifier. This may be a number, or alphanumeric string which is capable of uniquely identifying the device and thereby enabling the transaction processing system to determine whether to grant access, or to effect payment, or similar.
An
2 example of a suitable device identifier used in payments is a primary account number or PAN, which is used on credit and debit cards to effect payments.
Methods have been proposed to modify or obscure a device identifier during a transaction to increase security. While such proposed systems make it harder for a malicious third party to clone or pretend to be the smart device, such systems still do not obviate a risk that a third party may track a user's movements and activity using data transferred from the device.
Summary of the Invention In accordance with at least one embodiment, methods, devices, systems and software are provided for supporting or implementing functionality to transmit and/or process transaction messages.
This is achieved by a combination of features recited in each independent claim.
Accordingly, dependent claims prescribe further detailed implementations of various embodiments.
According to a first aspect of the invention there is provided a method for transmitting a transaction message, the method comprising: encrypting, at a transaction device, a transaction device identifier; generating, at the transaction device, a temporary transaction device identifier; causing a transaction message to be sent to a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, wherein the temporary transaction device identifier is provided in the first data field and the encrypted transaction device identifier is provided in the second data field.
The temporary transaction device identifier may be generated at least partly using further data, which further data is other than the transaction device identifier.
Furthermore, the transaction message may comprise a third data field, and data at least partly identifying a cryptographic key associated with the encryption of the transaction device identifier may be provided in the third data field. The cryptographic key may be generated at least partly using further data, which further data is other than the transaction device identifier. The cryptographic key may further be generated using, in addition, a value uniquely associated with the transaction device identifier.
3 The method may comprise receiving the further data from the transaction processing system. For a given transaction, at least part of the further data may be specific to the transaction.
In embodiments, the transaction device identifier may comprise data indicative of a primary account number of a financial instrument.
According to a second aspect of the invention there is provided a method of processing a transaction message, the method comprising: receiving a transaction message from a first part of a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, the first data field comprising a first transaction device identifier; decrypting data within the supplementary data field to identify a second transaction device identifier;
processing the transaction message based on the second transaction device identifier.
The processing may comprise sending a modified transaction message with the first transaction device identifier replaced by the second transaction device identifier to a second part of a transaction processing system. The method may further comprise storing an association between the first transaction device identifier and the second transaction device identifier.
The method may comprise: receiving a response message from the second part of the transaction processing system, the response message comprising a data field configured to hold a transaction device identifier, the data field comprising the second transaction device identifier; modifying the response message to replace the second transaction device identifier with the first transaction device identifier;
and sending the modified response message to the first part of the transaction processing system.
The transaction message may comprise a third data field, and data at least partly identifying a cryptographic key associated with the encryption of the data within the second data field may be provided in the third data field. In addition, the transaction message may comprise one or more further data fields configured to hold further transaction data, and the method may comprise verifying the further transaction data using the data in the third data field.
The transaction message may comprise one or more further data fields configured to hold further transaction data, and the method may comprise generating a cryptographic key used to decrypt data within the second data field from the further
4 transaction data. The method may comprise using, in addition, a value uniquely associated with the second transaction device identifier, to verify the further transaction data.
In embodiments, the transaction device identifier may comprise data indicative of a primary account number of a financial instrument.
According to a third aspect of the invention there is provided a method for transmitting a transaction message, the method comprising: generating, at a transaction device, at least one cryptographic data element using at least a transaction device identifier and further data other than the transaction device identifier as inputs to an cryptographic function; causing a transaction message to be sent to a transaction processing system, the transaction message comprising, at least, the further data and the at least one cryptographic data element.
The at least one cryptographic data element may comprise an encrypted version of the transaction device identifier. Furthermore, the method may comprise:
generating a cryptographic key using at least the further data; and generating the encrypted version of the transaction device identifier using the cryptographic key. The method may further comprise using, in addition, a value uniquely associated with the transaction device identifier to generate the cryptographic key. The at least one cryptographic data element may further comprise data at least partly identifying the cryptographic key.
In embodiments, the transaction device identifier may comprise data indicative of a primary account number of a financial instrument.
According to a fourth aspect of the invention there is provided a method of processing a transaction message, the method comprising: receiving, from a first part of a transaction processing system, a transaction message, the transaction message comprising a first transaction device identifier and at least two cryptographic data elements; and using a first of the cryptographic data elements to determine a cryptographic key; decrypting a second of the cryptographic data elements whereby to determine a second transaction device identifier; and processing the transaction message based on the second transaction device identifier.
The processing may comprise sending a modified transaction message with the first transaction device identifier replaced by the second transaction device identifier to a second part of a transaction processing system. The method may also comprise storing an association between the first transaction device identifier and the second transaction device identifier.
The method may comprise: receiving a response message from the second part of the transaction processing system, the response message comprising a data field
5 configured to hold a transaction device identifier, the data field comprising the second transaction device identifier; modifying the response message to replace the second transaction device identifier with the first transaction device identifier;
and sending the modified response message to the first part of the transaction processing system.
The transaction message may comprise one or more further data fields configured to hold further data, and the method may comprise verifying the further data using the first of the cryptographic data elements. The method may further comprise using, in addition, a value uniquely associated with the second transaction device identifier, to verify the further data.
In embodiments, the transaction device identifier may comprise data indicative of a primary account number of a financial instrument.
According to a fifth aspect of the invention there is provided a method of processing a transaction message, the method comprising: receiving, from a first part of a transaction processing system, a transaction message, the transaction message comprising a first transaction device identifier, a cryptographic data element and further data; generating a cryptographic key using at least the further data;
decrypting the cryptographic data element using the cryptographic key whereby to determine a second transaction device identifier; and processing the transaction message based on the second transaction device identifier.
According to a sixth aspect of the invention there is provided apparatus for use in transmitting a transaction message from a transaction device, the apparatus configured to: encrypt a transaction device identifier; generate a temporary transaction device identifier; cause a transaction message to be sent to a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, wherein the temporary transaction device identifier is provided in the first data field and the encrypted transaction device identifier is provided in the second data field.
According to a seventh aspect of the invention there is provided apparatus for processing a transaction message, the apparatus configured to: receive a transaction
6 message from a first part of a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, the first data field comprising a first transaction device identifier; decrypt data within the supplementary data field to identify a second transaction device identifier; process the transaction message based on the second transaction device identifier.
According to a eighth aspect of the invention there is provided apparatus for use in transmitting a transaction message from a transaction device, the apparatus configured to: generate at least one cryptographic data element using at least a transaction device identifier and further data as inputs to an cryptographic function;
cause a transaction message to be sent to a transaction processing system, the transaction message comprising, at least, the further data and the at least one cryptographic data element.
According to a ninth aspect of the invention there is provided apparatus for processing a transaction message, the apparatus configured to: receive, from a first part of a transaction processing system, a transaction message, the transaction message comprising a first transaction device identifier and at least two cryptographic data elements; and use a first of the cryptographic data elements as a cryptographic key to decrypt a second of the cryptographic data elements whereby to determine a second transaction device identifier; and process the transaction message based on the second transaction device identifier.
According to a tenth aspect of the invention there is provided apparatus for processing a transaction message, the apparatus configured to: receive, from a first part of a transaction processing system, a transaction message, the transaction message comprising a first transaction device identifier, a cryptographic data element and further data; generate a cryptographic key using at least the further data; decrypt the cryptographic data element using the cryptographic key whereby to determine a second transaction device identifier; and process the transaction message based on the second transaction device identifier.
According to a eleventh aspect of the invention there is provided a computer program for use in transmitting a transaction message from a transaction device, the computer program configured to: encrypt a transaction device identifier;
generate a temporary transaction device identifier; cause a transaction message to be sent to a
7 transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, wherein the temporary transaction device identifier is provided in the first data field and the encrypted transaction device identifier is provided in the second data field.
According to a twelfth aspect of the invention there is provided a computer program for processing a transaction message, the computer program configured to:
receive a transaction message from a first part of a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data, the first data field comprising a first transaction device identifier;
decrypt data within the supplementary data field to identify a second transaction device identifier;
process the transaction message based on the second transaction device identifier.
According to a thirteenth aspect of the invention there is provided a computer program for use in transmitting a transaction message from a transaction device, the computer program configured to: generate at least one cryptographic data element using at least a transaction device identifier and further data as inputs to an cryptographic function; cause a transaction message to be sent to a transaction processing system, the transaction message comprising, at least, the further data and the at least one cryptographic data element.
According to a fourteenth aspect of the invention there is provided a computer program for processing a transaction message, the computer program configured to:
receive, from a first part of a transaction processing system, a transaction message, the transaction message comprising a first transaction device identifier and at least two cryptographic data elements; and use a first of the cryptographic data elements as a cryptographic key to decrypt a second of the cryptographic data elements whereby to determine a second transaction device identifier; and process the transaction message based on the second transaction device identifier.
According to a fifteenth aspect of the invention there is provided a computer program for processing a transaction message, the computer program configured to:
receive, from a first part of a transaction processing system, a transaction message, the transaction message comprising a first transaction device identifier, a cryptographic data element and further data; generate a cryptographic key using at least the further
8 data; decrypt the cryptographic data element using the cryptographic key whereby to determine a second transaction device identifier; and process the transaction message based on the second transaction device identifier.
According to a sixteenth aspect of the invention, there is provided a method for transmitting a transaction message from a transaction device having a transaction device identifier, the method comprising: encrypting, at a transaction device, a transaction device identifier; generating, at the transaction device, a transaction message for a transaction system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data; and sending the transaction message to a transaction processing system, wherein the generation of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device and providing the encrypted transaction device identifier in the second data field of the transaction message.
According to a seventeenth aspect of the invention, there is provided a method of processing a transaction message, the method comprising: receiving a transaction message from a first part of a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data; decrypting data within the supplementary data field to generate decrypted data; processing the transaction message using said decrypted data to form the transaction device identifier instead of the data in the first data field.
According to an eighteenth aspect of the invention, there is provided apparatus for use in transmitting a transaction message from a transaction device, the apparatus configured to: encrypt a transaction device identifier; generate a transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data; and send the transaction message to the transaction processing system, wherein the apparatus is arranged to generate the transaction message such that data that does not identify the transaction device is provided in the first data field and the encrypted transaction device identifier is provided in the second data field.
According to a nineteenth aspect of the invention, there is provided apparatus for processing a transaction message, the apparatus configured to: receive a transaction
9 PCT/GB2015/053200 message from a first part of a transaction processing system, the transaction message comprising, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data; decrypt data within the supplementary data field to generate decrypted data; and process the transaction message using said decrypted data to form the transaction device identifier instead of the data in the first data field.
Further features and advantages will become apparent from the following description of preferred embodiments, given by way of example only, which is made with reference to the accompanying drawings.
Brief Description of the Drawings Systems, apparatuses and methods will now be described as embodiments, by way of example only, with reference to the accompanying figures in which:
Figure 1 shows a schematic diagram of a transaction system in which embodiments of the invention may be practised;
Figure 2 illustrates a communication flow according to an embodiment;
Figure 3 illustrates a method according to an embodiment;
Figure 4 illustrates a further method according to an embodiment; and Figure 5 shows a schematic diagram of a device which may be used in embodiments of the invention.
Some parts, components and/or steps of the embodiments appear in more than one Figure; for the sake of clarity the same reference numeral will be used to refer to the same part, component or step in all of the Figures.
Detailed Description of Illustrative Embodiments Figure 1 shows a transaction system 10. A transaction device 12, is provided.
Examples of suitable transaction devices include smart cards, access cards, fobs, financial instruments such as payment cards, mobile telephones and other portable electronic devices such as tablets and smart watches. The transaction device 12 has a data connection to a transaction terminal 14. Examples of suitable transaction terminals include payment terminals, access points to transit systems, and doors.
The data connection between the transaction device 12 and the transaction terminal 14 may be contactless. Examples of contactl es s connection technologies which may be used include near field communications (NFC) and optical systems ¨ the latter being, for example, provided by a system which uses a camera in a mobile telephone to identify and read data presented on e.g. a screen of the terminal. The data connection may alternatively be a contact connection using a suitable arrangement of electrically 5 conductive pads and pins to enable communication.
The transaction terminal 14 is connected to a first transaction processing server 16, which is in turn connected to a second transaction processing server 18.
Together the terminal 14 and servers 16 and 18 may be considered to constitute a transaction processing system 20. While not shown, one or more additional transaction processing
10 servers may be provided between the transaction terminal 14 and first transaction processing server 16. Likewise, one or more additional transaction processing servers may be provided between the first transaction processing server 16 and the second transaction processing server 18. Collectively, the transaction terminal 14 and any additional transaction processing servers between the transaction terminal 14 and first transaction processing server 16 may be considered as a first part of the transaction processing system 20. Equally, the second transaction processing server 18 and any additional transaction processing servers between the first transaction processing server 16 and the second transaction processing server 18 may be considered as a second part of the transaction processing system 20.
While only a single instance of each of the device 12, terminal 14 and servers 16 and 18 are shown, it will be appreciated that the transaction system 10 may be substantially more complex, with multiple devices 12 (representing devices provided to multiple users), multiple terminals 14 (representing, for example, multiple payment terminals or access terminals) and even multiple servers 16 and 18.
The operation of the transaction system 10 shown in Figure 1 during a transaction will now be described with reference to Figure 2. In general, in this transaction a transaction device 12 is presented to a transaction terminal 14, and the transaction processing system 20 operates to authorise or deny the transaction.
Depending on whether the transaction is authorised or denied, the transaction terminal, or a device connected thereto, may perform some action (such as opening a door), alternatively or additionally, a message may be sent back to the transaction device. A
more detailed description follows.
11 In a first step 22, a transaction is instigated and the transaction device 12 connects to the transaction terminal 14. The instigation of the transaction may, for example, include a user selecting goods or services to purchase, or selecting a destination for a ticketing transaction. This may require user input, or alternatively may be predetermined based on the identity of the transaction terminal ¨ for example an identity of a transaction terminal on a transit system may be used to define the service required without any specific user input.
The connection between the transaction device 12 and the transaction terminal 14 may be established by the transaction device 12 being presented to the terminal and a contactless, e.g. near field communication (NFC), connection being established.
Alternatively, a transaction device 12 may be physically inserted into or connected to the transaction terminal 14 to enable an electrical connection to be established. Such methods are known in the art and need not be described in detail here.
Having, in step 22, instigated the transaction and established the connection transaction data associated with the transaction may be sent, in step 24, from the transaction terminal 14 to the transaction device 12. This transaction data may include, for example, a price to be paid in the transaction or an identity of an entry or egress point for a ticketing transaction on a transit system. In general, the nature of the transaction as described above will define the transaction data.
In step 26, the transaction device prepares a transaction message, and in step the transaction message is sent to from the transaction device to the transaction terminal 14. A more detailed description of the content of this message, and the methods by which it is created in steps 24 to 28 will be provided below with reference to Figure 3.
In step 30 transaction terminal then forwards the message on to the first transaction processing server 16. As will be appreciated from the description above, this may involve sending the message via one or more further transaction processing servers.
In step 32, the first transaction processing server 16 processes the transaction message. In some embodiment the first transaction processing server 16 may be capable of authorising or denying the transaction. In such cases, the signalling flow may pass straight to step 40 described below.
In the alternative, the second transaction processing server 18 may be the entity capable of authorising or denying the transaction. In such cases, the first transaction
12 processing server 16 may modify the message. The modified message may then be sent to the second transaction processing server 18 in step 34.
The second transaction processing server 18 then authorises or denies the transaction and, in step 38, sends a response message to the first transaction processing server 16. This response message may again be processed by the first transaction processing server 16, before the modified response message is sent, in step 40, to the transaction terminal 14. A more detailed description of the processing of the message by the first transaction processing server 16 in steps 30 to 40 will be provided below with reference to Figure 4.
Upon receipt of the response message in step 40, the transaction terminal 14 may perform any number of actions. For example, the transaction terminal 14 may send a response message to the transaction device 42. This response message may contain data indicative of the transaction being authorised, and may, if required, include a ticket or other data structure which may be stored by the transaction device 12 for later use.
Alternatively, or additionally, the transaction device may take an appropriate action, shown by step 44. This action may be, for example, to open a door or ticketing barrier, or may be the provision of an indication that the transaction has been authorised (and therefore that the user may be provided with purchased goods or services).
The above processing flow is known in the art of transaction systems and therefore has been described in overview only.
As mentioned above, a more detailed description of the operation of the transaction device in steps 24 to 28 will now be provided with reference to Figure 3.
Here the transaction device will be assumed to be provided with a transaction device identifier. This is a value or code which enables the transaction processing system to identify the transaction device 12 and distinguish it from other similar transaction devices. An example of a suitable transaction device identifier is a primary account number (PAN) of a financial instrument. In addition to the transaction device identifier, authentication data may be stored by the transaction device 12. This authentication data may be used to enable messages sent from the transaction device 12 to be authenticated by the transaction processing system, thereby enabling the transaction processing system to authorise or deny any given transaction. The authentication data may include supplementary credentials and cryptographic keys which have been earlier provided to the transaction device 12.
13 In step 24, as mentioned above, the transaction device 12 may receive transaction data from the transaction processing system. This transaction data may include data associated with the identity of the transaction terminal 14, for example an identity of a merchant or transit services provider which provides or uses that terminal, an identity of the terminal itself, a location for the terminal, a channel or domain associated with the communication with the terminal (this may indicate whether wireless or electrical contact is used), and payment details to enable the merchant to receive payment. In addition, the transaction data may include data which is specific to the transaction itself, for example data indicative of a time for the transaction, an amount for a payment, an amount for a reduction in a pre-paid ticket, and/or an identification of any goods or services associated with the transaction. The transaction data comprises at least some data which is other than the transaction device identifier.
In step 26A, the transaction device 12 generates a cryptographic key using the received transaction data. Typically, the cryptographic key will be generated using the transaction data as an input to one or more cryptographic functions. The transaction data may not be the only input to the function, and the following additional inputs may be used:
- a value uniquely associated with the transaction device identifier, for example a hashing key or seed value stored on the transaction device 12;
the transaction device identifier (it will be apparent that the transaction data referred to above represents data other than the transaction device identifier);
- a value indicative of the number of the transactions which have been previously performed or completed by the transaction device 12; and data indicative of a channel or domain used for the transaction.
One example of how a cryptographic key may be generated will now be described. This example will use Elliptic Curve Cryptography (ECC) and a method called ECC El Gamal for key agreement. It will be assumed that a cyclic group G has been defined based on a generator value g. A public key Ps for a transaction processing server, e.g. server 16 has been generated based on the group G and a private key ds for that server. For example:
Ps = ds = G = gds
14 This public key has been made available to the transaction device. In addition, a further key K, the hashing key, has been defined and is known to both the transaction device 12 and to the first transaction processing server 16. The hashing key K
may be a value uniquely associated with the transaction device.
In a first step, the transaction device 12 calculates a hash value. This may be done using a keyed-hash message authentication code (HMAC). The inputs to the hash function include the hashing key K and, in this example, a concatenation of the device identifier (ID) and the transaction data. The output of the hashing function is denoted by h, and can be written as:
h = HMAC(K, IDI I transaction data) Using h and the cyclic group G the transaction device 12 may generate an ephemeral public key PD for the device for use in the transaction. This public key PD
represents the cryptographic key described above. For example:
PD = h = G = gh In addition, using h and the public key Ps of the first transaction processing server 16, the transaction device 12 may generate a shared secret S. For example:
S = h = Ps = Psh = gdsh Having generated the ephemeral cryptographic key PD, and from that computed the shared secret S, in step 26B the transaction device 12 encrypts the device identifier ID using the shared secret S to generate an encrypted transaction device identifier C. For example:
C = enc(S, /D) The cryptographic key PD, and the encrypted transaction device identifier C
may each be considered cryptographic data elements which may be sent to the transaction terminal 14 in a transaction message.
In addition to generating the encrypted transaction device identifier C, in step 5 26C the transaction device 12 may generate a temporary transaction device identifier.
The temporary transaction device identifier may be generated entirely randomly, or pseudo randomly. Alternatively it may be based on the encrypted transaction device identifier C; or generated using further data, at least some of which is data other than the transaction device identifier, for example the transaction data described above, or 10 the public key PD generated for the device.
The temporary transaction device identifier may be generated using a further function, with one of the values described above as an input. For instance, it is typically the case that the device identifier has a certain format ¨ for example being of a certain length. In such cases, the input value may be modified to provide a temporary
15 transaction device identifier. The temporary transaction device identifier may not be wholly generated, and may be based in part on predetermined data, such as a portion of the real transaction device identifier.
As an example, where the transaction device identifier is a 16 digit PAN, the first 6 digits represent a Bank Identification Number (BIN) or Issuer identification number (TIN), and the last digit represents a check digit. The BIN/TIN from the original transaction device identifier may be kept, and augmented with nine digits of the temporary transaction device identifier and a suitable check digit.
In step 26D, the transaction device 12 creates a transaction message to be sent to a transaction processing system using the values generated above. It will often be the case that the transaction message must conform to a certain standard. For example, the transaction message may be formatted in accordance with an EMV standard for payment processing, which specifies mandatory data elements for the transaction message including a data element configured to convey the PAN as a transaction device identifier. Accordingly this standard may specify that the message should comprise, at least, a first data field configured to hold a transaction device identifier and a second data field configured to hold supplementary data. Accordingly, the temporary transaction device identifier, that does not in fact identify the transaction device 12, may be provided in the first data field and the encrypted transaction device identifier
16 may be provided in the second data field. In addition the transaction message may comprise a third data field, and the cryptographic key PD associated with the encryption of the transaction device identifier may be provided in the third data field.
It will be understood that the cryptographic key PD was not itself used in the encryption of the transaction device identifier. Instead, by virtue of being the public key associated with the shared secret used in the encryption, PD represents data identifying the cryptographic key associated with the encryption of the transaction device identifier.
Finally, some or all of the transaction data may be provided in other fields of the message.
Having generated a suitable transaction message, the transaction device 12, in step 28, sends the transaction message to the transaction processing system, i.e. the transaction terminal 14.
A more detailed description of the operation of the first transaction processing server 16 in steps 30 to 40 will now be provided with reference to Figure 4.
In step 30, the first transaction processing server 16 receives the transaction message. In line with the description above, the message created by the transaction device 12 comprises a temporary transaction device identifier, an encrypted transaction device identifier C and the ephemeral cryptographic key PD. The encrypted transaction device identifier C and the ephemeral cryptographic key PD may be considered as cryptographic data elements. In addition, the message may contain at least some of the transaction data.
In step 32A, the first transaction processing server 16 may generate the shared secret S using the cryptographic key PD. For example:
S = ds = PD = PDdS = ghdS
The shared secret S may then be used to decrypt the encrypted transaction device identifier C to generate the original transaction device identifier ID.
In addition, the first transaction processing server 16 may validate any transaction data provided in the transaction message. This may be done by using the original transaction device identifier ID to look up the hashing key K for the transaction device 12 and then recreating the hash value h' and the ephemeral public key P'D as described above. For example:
17 = HMAC(K, IDI I transaction data) PI D = If = G =
A comparison of the public key PD sent in the transaction message and the newly generated public key P'D will demonstrate whether the transaction data received in the message corresponds to the transaction data used to generate the public key PD.
The first transaction processing server 16 may then process the transaction message based on the original transaction device identifier (i.e. at least part of the decrypted data derived from the encrypted data provided in the second data field). In other words, the transaction message may be processed as if the temporary transaction device identifier were replaced by the original transaction device identifier ID. As mentioned above, the first transaction processing server 16 itself may be able to authorise or deny the transaction at this point. If this is the case, then in step 32E, the first transaction processing server 16 determines, using the original transaction device identifier ID whether to authorise or deny the transaction and generates a suitable response message. In step 40 the first transaction processing server 16 then sends the response message back to the transaction terminal 14.
However, in the alternative the first transaction processing server 16 may, in step 32C, modify the transaction message, replacing the temporary transaction device identifier with the original transaction device identifier ID. The first transaction processing server 16 may additionally, in step 32D, store an association between the temporary transaction device identifier and the original transaction device identifier ID.
Subsequently, in step 34 the first transaction processing server 16 may send the modified transaction message with the temporary transaction device identifier replaced by the original transaction device identifier the second transaction processing server 18.
The second transaction processing server 18 may then process the modified transaction message as a normal message which had been originally provided with an unencrypted transaction device identifier.
In step 36 the first transaction processing server 16 may receive a response message from the second transaction processing server 18. This response message may
18 comprise a data field configured to hold a transaction device identifier, which consequently comprises the original transaction device identifier ID.
In step 38, the first transaction processing server 16 may modify the response message to replace the original second transaction device identifier ID with the first transaction device identifier, using the association stored in step 32D. The modified response message may then, in step 40, be sent to the transaction terminal 14.
The above described methods present the following advantages. Firstly, the field designed to contain the transaction device identifier in a typical transaction system is limited in size and needs to adhere to strict formatting rules. This puts restrictions on the degree of freedom for any temporary transaction device identifier. By providing a temporary transaction device identifier in a message and separately providing an encrypted transaction device identifier, the degree of freedom for encrypting the transaction device identifier is increased, and therefore security is correspondingly increased. Equally, it is easier to generate the temporary transaction device identifier as it only needs to conform to the requirements of being random, or pseudo random, and enabling the transaction message to be properly handled by the transaction system.
Furthermore, by providing the ephemeral cryptographic key with the transaction message, it is possible to ensure that no information provided in the transaction message can be used to track a user. This is because the ephemeral cryptographic key is itself non deterministic or random and therefore cannot be used to track a user.
It should be noted that a system may be used where a transaction device identifier is encrypted using solely a public key of a recipient server. The disadvantage of such system is that they are susceptible to attack, as the relatively static key (that of the server) means that multiple messages are all sent using the same key, which in turn reduces the security of the system.
A further advantage relates to the size of a cryptographic key which is required to enable effective encryption of the transaction device identifier. For example, a typical length of an ECC cryptographic key required to provide adequate encryption is 32 bytes or more. Providing this key in a message takes up a large amount of the message data, often significantly more than the transaction device identifier itself For example, a PAN may be uniquely identified by less than 8 bytes of data, a quarter of the data size of the key which may be used to encrypt the PAN. However, in embodiments the cryptographic key also serves as data enabling the transaction data to be verified. This
19 dual use improves the data size efficiency of any message and enables messages, encrypted according to the embodiments described above, to be transmitted using existing systems with restrictions on the size of any message.
Alternative Embodiments and Modifications While a specific implementation of ECC cryptography has been described above, it will be appreciated that modifications may be made, or entirely different systems may be used, for the generation and use of the cryptographic key. For example, the shared secret S may be used directly to encrypt the device identifier, however in the alternative, a further key, generated using S may be used. Alternatively, an implementation may use lattice based cryptographic methods such as NTRU. For such an implementation, there would be no need to communicate a separate ephemeral key to the server since the output of the encryption mechanism is effectively random.
In the specific implementation described above, the temporary transaction device identifier is random so that no information in the transaction message can be used to track the transaction device 12, and accordingly potentially track the user of the transaction device 12. Alternatively, instead of a random temporary transaction device identifier, a fixed number stored by the transaction device 12 that is the same for many or all transaction devices utilising the invention could be inserted in the field in the transaction message for the transaction device identifier. In this way, it is not possible to determine the identity of the transaction device from the entry within the transaction device identifier field within the transaction message. Further, such a static transaction device identifier can be used to indicate to a recipient of the transaction message that an encrypted version of the actual transaction device identifier is provided in a separate field of the transaction message.
Embodiments are intended to be compatible with existing systems. Therefore the message sent by the transaction device 12 may conform to existing protocols. In particular, it is intended that only the transaction device 12 and the first transaction processing server 16 need be modified to enable the overall system to operate as before.
Consequently, the first transaction processing server 16 may operate to convert any message provided by the transaction device 12 into a format which is usable by the second transaction processing server 18 without requiring modification of the second transaction processing server 18.

In some embodiments, the temporary transaction device identifier may correspond to the encrypted transaction device identifier, and may therefore be used to retrieve the original device identifier. This obviates the need for any further field.
While the cryptographic key has been described as being transmitted with the 5 transaction message, some embodiments may be arranged to generate the cryptographic key from the transaction data in a manner which can be replicated by the first transaction processing server 16. Accordingly, at the first transaction processing server 16, a cryptographic key may be generated using at least the transaction data provided in the transaction message. This cryptographic key may then be used to decrypt any 10 cryptographic data element containing the original transaction device identifier.
In embodiments, the original transaction device identifier may be a pointer to a transaction device identifier useable by the second transaction processing server 18. As such the first transaction processing server 16 may possess a lookup table which enables the pointer to be used to identify a suitable transaction device identifier.
Therefore, no 15 modification is needed for the second transaction processing server 18, but the identifier passed between the transaction device 12 and the first transaction processing server 16 need not be selected according to the requirements for a suitable identifier useable by the second transaction processing server 18.
In the specific implementation described above, the transaction terminal 14
20 forwards the transaction message from the transaction device 12 to a first transaction processing server 16 and the first transaction processing server 16 recovers the transaction device identifier for the transaction device 12. In some implementations, the transaction terminal 14 may be required to authorise a transaction faster than can be achieved if the transaction terminal awaits a response from the first transaction processing server. An example of such an implementation is a ticket gate arrangement in which a transaction terminal within a ticket gate needs to authorise a transaction and transfer ticket information to a transaction device 12 within a short time. In such an implementation, the transaction terminal 14 may send a message to the transaction device 12 including a public key certificate for the transaction terminal 14, and the transaction device 12 may encrypt the transaction device identifier using the public key derived or extracted from the certificate for the transaction terminal 14, preferably using a cryptographic scheme as described above, and send the encrypted transaction device identifier to the transaction terminal 14. The transaction terminal 14 may then recover
21 the transaction device identifier and, for example, compare the recovered transaction device identifier with a blacklist of transaction device identifiers stored by the transaction terminal 14, indicating transaction devices 12 for which no transaction should be made, before authorising the transaction.
In embodiments, the transaction device itself may be a self-contained device, such as a smart card or fob. In other embodiments, the transaction device 12 be a general purpose computing device, such as a mobile phone or computer, which is contains, or is connected to apparatus which generates the transaction messages. Such an apparatus may be tamper resistant hardware; that is a secure element. In such cases, it will be appreciated that reference to the transaction device performing a given operation, such as sending a message to a terminal, is representative of the transaction device causing another device (e.g. the mobile telephone) to send such a message.
Recently, systems whereby a computing device (such as a mobile telephone) can be used without requiring a secure element, have been proposed. On such system is called "Host Card Emulation" whereby a transaction application executes within a device's application processor. An alternative, but similar system is the use of a "Trusted Execution Environment" within a suitable device. Embodiments of the invention are applicable to these and similar systems.
In some embodiments, the transaction device 12 may not receive any transaction data from the transaction terminal 14, but may generate the transaction data itself In further embodiments the transaction data may be received by other means. For example it has been proposed to use mobile telephones in transactions, and to enable those mobile telephones to send and receive data via the mobile network alongside any transaction which may occur over a contactless (e.g. NFC) connection between the mobile telephone and a terminal. In such cases, it is envisaged that at least some of the communications described above, whether the provision of transaction data to the transaction device, or transmission of the transaction message, may not involve the transaction terminal 14, but other communications systems.
The connection between the transaction device 12 and the transaction terminal 14 may be bidirectional as described above, but may equally be unidirectional.
For example, a mobile telephone may receive transaction data from a terminal via a unidirectional connection (e.g. by photographing a code optically displayed by the terminal) and may then create and send a suitable transaction message via a wireless
22 communications network such as a cellular connection or WiFi. In such cases the transaction terminal may not itself have any communications capabilities with the transaction processing network, and may be, for example, a poster displaying an optical code such as a QR code.
In other embodiments, there may not be a transaction terminal 14 as such, and the transaction device 12 may communicate directly with a network and thereby with the first transaction processing server 16. This may be used for online transactions where the transaction device 12 is a connected computer or portable device.
In some embodiments, other information, such as credentials for enabling the message to be authenticated, may be encrypted alongside the device identifier.
The cryptographic key may be compressed. For example a full elliptical function cryptographic key has an X and a Y component. It is possible to compress the key be providing only the X component alongside one or two bits of data to indicate a sign for the Y component. Knowledge of the X component, the function used, and the sign of the Y component enables the cull cryptographic key to be recreated. In the above description it will be appreciated that where a key is described as being determined or provided, a compressed version thereof may be equivalently used.
The transaction device 12, transaction terminal 14 and transaction processing servers 16 and 18, may comprise computerised hardware as is known in the art.
An exemplary computerised system 50, capable of performing the method steps described above, will now be described with reference to Figure 5.
The computerised system 50 comprises a processing system 51, such as a CPU, or an array of CPUs. The processing system 51 is connected to a computer readable storage medium such as memory 52. This memory may be a volatile memory, for example RAM; or a non-volatile or non-transitory memory, for example a solid state drive (SSD) or hard disk drive (HDD). The system 50 may also comprise an interface 54, capable of transmitting and/or receiving data from other elements in the system.
The memory 52 stores computer readable / computer executable instructions 53.
The computer readable instructions may be configured such that when they are executed by the processing system 51, the computerised system 50 is caused to perform the methods described above. To enable this, the processing system 51 may retrieve the computer instructions 53 from memory 52 and execute these instructions. In so doing, the processing system 51 may cause the interface to transmit or receive data as required.
23 This data may itself be stored in memory 52, and retrieved as required ¨ for example to be transmitted via the interface 54.
It is to be understood that any feature described in relation to any one embodiment may be used alone, or in combination with other features described, and may also be used in combination with one or more features of any other of the embodiments, or any combination of any other of the embodiments. Furthermore, equivalents and modifications not described above may also be employed without departing from the scope of the invention, which is defined in the accompanying claims.
The features of the claims may be combined in combinations other than those specified in the claims.

Claims (26)

Claims
1. A method for transmitting a transaction message from a transaction device having a transaction device identifier ID to a transaction processing system, wherein the transaction message conforms to an EMV standard for payment processing in which the transaction message comprises, at least, a first data field configured to hold the transaction device identifier, a second data field configured to hold supplementary data, a third data field, and other data fields for conveying transaction data, the method comprising:
receiving, at the transaction device, transaction data from a transaction processing server of the transaction processing system;
receiving, at the transaction device, a public key Ps for the transaction processing server generated based on a cyclic group G and a private key ds for the transaction processing server;
calculating, at the transaction device, a hash value h by inputting a hashing key K, known to both the transaction device and the transaction processing server, and a concatenation of the transaction device identifier and the transaction data for a transaction;
generating, at the transaction device, an ephemeral public key PD for the transaction device using the hash value h and the cyclic group G;
generating, at the transaction device, a shared secret S using the hash value h and a public key Ps for the transaction processing server;
encrypting, at the transaction device, the transaction device identifier ID
for the transaction device using the shared secret S to generate an encrypted transaction device identifier C;
generating, at the transaction device, the transaction message for the transaction processing system; and sending the transaction message to the transaction processing system, wherein the generation of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device, providing the encrypted transaction device identifier C in the second data field of the transaction message, providing the ephemeral public key PD in the third data field.
2. The method of claim 1, wherein the ephemeral public key PD is generated using, in addition, a value uniquely associated with the transaction device identifier ID.
3. The method of claim 1, further comprising generating, at the transaction device, a temporary transaction device identifier at least partly using further data, which further data is other than the transaction device identifier, wherein said data provided in the first field is the temporary transaction device identifier.
4. The method of claim 1, wherein the transaction device identifier ID
comprises data indicative of a primary account number of a financial instrument.
5. A method of processing a transaction message from a transaction device, wherein the transaction message conforms to an EMV standard for payment processing in which the transaction message comprises, at least, a first data field configured to hold a transaction device identifier, a second data field configured to hold supplementary data, a third data field, and other data fields conveying transaction data, the method comprising:
receiving, at a transaction processing server, the transaction message from a first part of a transaction processing system;
generating, at the transaction processing server, a shared secret S using a private key ds for the transaction processing server and an ephemeral public key PD
stored in the third data field;
decrypting an encrypted transaction device identifier C stored in the second data field using the shared secret S to generate an original transaction device identifier ID;
processing the transaction message using the generated original transaction device identifier ID to form the transaction device identifier instead of the data in the first data field; and validating the transaction data using the generated original transaction device identifier ID, wherein validating the transaction data comprises:
looking up a hashing key K corresponding to the transaction device identifier ID;

obtaining a recreated hash value h' by inputting the hashing key K and a concatenation of the generated original transaction device identifier ID and the transaction data for a transaction and obtaining a recreated ephemeral public key P 'D using the recreated hash value h' and a cyclic group G; and comparing the ephemeral public key PD stored in the third data field and sent in the transaction message and the recreated ephemeral public key P 'D.
6. The method of claim 5, wherein the processing comprises sending a modified transaction message with the data in the first data field replaced by said generated original transaction device identifier ID to a second part of a transaction processing system.
7. The method of claim 6, comprising storing an association between said data in the first data field and said generated original transaction device identifier b;
receiving a response message from the second part of the transaction processing system, the response message comprising another data field holding the generated original transaction device identifier b;
modifying the response message to replace the generated original transaction device identifier ID with said data in the first data field; and sending the modified response message to the first part of the transaction processing system.
8. The method of claim 5, wherein the transaction device identifier ID
comprises data indicative of a primary account number of a financial instrument.
9. A method for transmitting a transaction message from a transaction device having a transaction device identifier ID to a transaction processing system, the method comprising:
receiving, at the transaction device, transaction data for a transaction;
receiving, at the transaction device, a public key Ps for the transaction processing server generated based on a cyclic group G and a private key ds for the transaction processing server;

calculating, at the transaction device, a hash value h by inputting a hashing key K, known to both the transaction device and the transaction processing server, and a concatenation of the transaction device identifier and the transaction data;
generating, at the transaction device, an ephemeral public key PD for the transaction device using the hash value h and the cyclic group G;
generating, at the transaction device, a shared secret S using the hash value h and a public key Ps for the transaction processing server;
encrypting, at the transaction device, the transaction device identifier ID
for the transaction device using the shared secret S to generate an encrypted transaction device identifier C;
sending the transaction message to the transaction processing system, the transaction message comprising, at least, the ephemeral public key PD and the encrypted transaction device identifier C.
10. The method of claim 9, comprising using, in addition, a value uniquely associated with the transaction device identifier to generate the ephemeral public key PD.
11. The method of claim 10, wherein the at least one cryptographic data element further comprises data at least partly identifying the ephemeral public key PD.
12. The method of any one of claims 9 to 11, wherein the transaction device identifier comprises data indicative of a primary account number of a financial instrument.
13. A method of processing a transaction message from a transaction device, the method comprising:
receiving, at a transaction processing server, the transaction message from a first part of a transaction processing system, the transaction message comprising a first transaction device identifier, an encrypted transaction device identifier C and an ephemeral public key PD;
generating, at the transaction processing server, a shared secret S using a private key ds for the transaction processing server and the ephemeral public key PD;

decrypting, at the transaction processing server, the encrypted transaction device identifier C using the shared secret S to generate a second transaction device identifier ID;
processing the transaction message based on the second transaction device identifier; and verifying the transaction data using the generated original transaction device identifier ID, wherein verifying the transaction data comprises:
looking up, by using the generated original transaction device identifier ID a hashing key K for the transaction device;
recreating a hash value h' by inputting the hashing key K and a concatenation of the generated original transaction device identifier ID and transaction data for the transaction and recreating an ephemeral public key P
'D
for the transaction device using the recreated hash value h' and the cyclic group G; and comparing the ephemeral public key PD comprised in the transaction message and the recreated ephemeral public key P 'D.
14. The method of claim 13, wherein the processing comprises sending a modified transaction message with the first transaction device identifier replaced by the second transaction device identifier to a second part of a transaction processing sy stem.
15. The method of claim 13, comprising storing an association between the first transaction device identifier and the second transaction device identifier.
16. The method of claim 15, comprising:
receiving a response message from the second part of the transaction processing system, the response message comprising a data field configured to hold a transaction device identifier, the data field comprising the second transaction device identifier;
modifying the response message to replace the second transaction device identifier with the first transaction device identifier; and sending the modified response message to the first part of the transaction processing system.
17. The method of any one of claims 13 to 16, comprising using, in addition, a value uniquely associated with the second transaction device identifier, to verify the further data.
18. The method of any one of claims 13 to 17, wherein the transaction device identifier comprises data indicative of a primary account number of a financial instrument.
19. Apparatus for use in transmitting a transaction message from a transaction device having a transaction device identifier ID to a transaction processing system, wherein the transaction message conforms to an EMV standard for payment processing in which the transaction message comprises, at least, a first data field configured to hold a transaction device identifier, a second data field configured to hold supplementary data, a third data field, and other data fields for conveying transaction data, the apparatus configured to:
receive transaction data from a transaction processing server of a transaction processing system;
receive a public key Ps for the transaction processing server generated based on a cyclic group G and a private key ds for the transaction processing server;
calculate a hash value h by inputting a hashing key K, known to both the transaction device and the transaction processing server, and a concatenation of the transaction device identifier and the transaction data for a transaction;
generate an ephemeral public key PD for the transaction device using the hash value h and the cyclic group G;
generate a shared secret S using the hash value h and a public key Ps for the transaction processing server;
encrypt the transaction device identifier for the transaction device using the shared secret S to generate an encrypted transaction device identifier C;
generate the transaction message for the transaction processing system; and send the transaction message to the transaction processing system, wherein the apparatus is arranged to generate the transaction message such that data that does not identify the transaction device is provided in the first data field, the encrypted transaction device identifier C is provided in the second data field, and the ephemeral public key PD is provided in the third data field.
20. Apparatus for processing a transaction message, wherein the transaction message conforms to an EMV standard for payment processing in which the transaction message comprises, at least, a first data field configured to hold a transaction device identifier, a second data field configured to hold supplementary data, a third data field, and other data fields conveying transaction data, the apparatus configured to:
receive a transaction message from a first part of a transaction processing sy stem;
generate, at a transaction processing server, a shared secret S using a private key ds for the transaction processing server and the ephemeral public key PD
stored in the third data field;
decrypt an encrypted transaction device identifier C stored in the second data field using the shared secret S to generate an original transaction device identifier ID;
process the transaction message using the generated original transaction device identifier ID to form the transaction device identifier instead of the data in the first data field; and validate the transaction data using the generated original transaction device identifier ID, wherein validating the transaction data comprises:
looking up a hashing key K corresponding to the transaction device identifier;
obtaining a recreated hash value h ' by inputting the hashing key K and a concatenation of the generated original transaction device identifier ID and the transaction data for a transaction and obtaining a recreated ephemeral public key P 'D for the transaction device using the recreated hash value h ' and a cyclic group G; and comparing the ephemeral public key PD stored in the third data field and sent in the transaction message and the recreated ephemeral public key P
21. Apparatus for use in transmitting a transaction message from a transaction device having a transaction device identifier ID to a transaction processing system, the apparatus configured to:
receive transaction data for a transaction;
receive a public key Ps for the transaction processing server generated based on a cyclic group G and a private key ds for the transaction processing server;
calculate a hash value h by inputting a hashing key K, known to both the transaction device and the transaction processing server, and a concatenation of the transaction device identifier and the transaction data;
generate an ephemeral public key PD for the transaction device using the hash value h and the cyclic group G;
generate a shared secret S using the hash value h and a public key Ps for the transaction processing server;
encrypt the transaction device identifier ID for the transaction device using the shared secret S to generate an encrypted transaction device identifier C;
send the transaction message to the transaction processing system, the transaction message comprising, at least, the ephemeral public key PD and the encrypted transaction device identifier C.
22. Apparatus for processing a transaction message from a transaction device, the apparatus configured to:
receive the transaction message from a first part of a transaction processing system, the transaction message comprising a first transaction device identifier, an encrypted transaction device identifier C and an ephemeral public key PD; and generate a shared secret S using a private key ds for the transaction processing server and the ephemeral public key PD;
decrypt the encrypted transaction device identifier C using the shared secret S
to generate a second transaction device identifier ID;
process the transaction message based on the second transaction device identifier; and verify the transaction data using the generated original transaction device identifier ID, wherein verifying the transaction data comprises:

looking up, by using the generated original transaction device identifier ID a hashing key K for the transaction device;
recreating a hash value h' by inputting the hashing key K and a concatenation of the generated original transaction device identifier ID and transaction data for the transaction and recreating an ephemeral public key P
'D
for the transaction device using the recreated hash value h' and the cyclic group G; and comparing the ephemeral public key PD comprised in the transaction message and the recreated ephemeral public key P 'D.
23. A computer-readable medium having recorded thereon instructions to be performed by a transaction device to carry out a method of transmitting a transaction message from the transaction device, the transaction device having a transaction device identifier ID to a transaction processing system, wherein the transaction message conforms to an EMV standard for payment processing in which the transaction message comprises, at least, a first data field configured to hold a transaction device identifier, a second data field configured to hold supplementary data, a third data field, and other data fields for conveying transaction data, to the method comprising:
receiving transaction data from a transaction processing server of a transaction processing system;
receiving a public key Ps for the transaction processing server generated based on a cyclic group G and a private key ds for the transaction processing server;
calculating a hash value h by inputting a hashing key K, known to both the transaction device and the transaction processing server, and a concatenation of the transaction device identifier and the transaction data for a transaction;
generating an ephemeral public key PD for the transaction device using the hash value h and the cyclic group G;
generating a shared secret S using the hash value h and a public key Ps for the transaction processing server;
encrypting the transaction device identifier for the transaction device using the shared secret S to generate an encrypted transaction device identifier C;
generating the transaction message for the transaction processing system; and sending the transaction message to the transaction processing system, wherein the generating of the transaction message comprises providing data in the first data field of the transaction message that does not identify the transaction device, providing the encrypted transaction device identifier in the second data field of the transaction message, and providing the ephemeral public key PD in the third data field.
24. A computer-readable medium having recorded thereon instructions to be carried out by a processor to carry out a method for processing a transaction message, wherein the transaction message conforms to an EMV standard for payment processing in which the transaction message comprises, at least, a first data field configured to hold a transaction device identifier, a second data field configured to hold supplementary data, a third data field, and other data fields conveying transaction data, the method comprising steps of:
receiving a transaction message from a first part of a transaction processing sy stem;
generating a shared secret S using a private key cis for a transaction processing server and an ephemeral public key PD stored in the third data field;
decrypting an encrypted transaction device identifier C stored in the second data field using the shared secret S to generate an original transaction device identifier ID;
processing the transaction message using the generated original transaction device identifier ID to form the transaction device identifier instead of the data in the first data field; and validating the transaction data using the generated original transaction device identifier ID, wherein validating the transaction data comprises:
looking up a hashing key K corresponding to the transaction device identifier;
obtaining a recreated hash value h' by inputting the hashing key K and a concatenation of the generated original transaction device identifier ID and the transaction data for a transaction and obtaining a recreated ephemeral public key P 'D for the transaction device using the recreated hash value h' and a cyclic group G; and comparing the ephemeral public key PD stored in the third data field and sent in the transaction message and the recreated ephemeral public key P 'D.
25. A computer-readable medium having recorded thereon to be carried out by a transacting device to perform a method of transmitting a transaction message, the transaction device having a transaction device identifier ID to a transaction processing system, method comprising:
receiving transaction data for a transaction;
receiving a public key Ps for a transaction processing server generated based on a cyclic group G and a private key ds for the transaction processing server;
calculating a hash value h by inputting a hashing key K, known to both the transaction device and the transaction processing server, and a concatenation of the transaction device identifier and the transaction data;
generating an ephemeral public key PD for the transaction device using the hash value h and the cyclic group G;
generating a shared secret S using the hash value h and a public key Ps for the transaction processing server;
encrypting the transaction device identifier ID for the transaction device using the shared secret S to generate an encrypted transaction device identifier C;
sending the transaction message to the transaction processing system, the transaction message comprising, at least, the ephemeral public key PD and the encrypted transaction device identifier C.
26. A computer-readable medium having instructions recorded thereon to be performed by a processor to carry out a method for processing a transaction message from a transaction device, to the method comprising steps of:
receiving the transaction message from a first part of a transaction processing system, the transaction message comprising a first transaction device identifier, an encrypted transaction device identifier C and an ephemeral public key PD;
generating a shared secret S using a private key ds for the transaction processing server and the ephemeral public key PD;
decrypting the encrypted transaction device identifier C using the shared secret S to generate a second transaction device identifier ID;

processing the transaction message based on the second transaction device identifier; and verifying the transaction data using the generated original transaction device identifier ID, wherein verifying the transaction data comprises:
looking up, by using the generated original transaction device identifier ID a hashing key K for the transaction device;
recreating a hash value h' by inputting the hashing key K and a concatenation of the generated original transaction device identifier ID and transaction data for the transaction and recreating an ephemeral public key P
'D
for the transaction device using the recreated hash value h' and the cyclic group G; and comparing the ephemeral public key PD comprised in the transaction message and the recreated ephemeral public key P 'D.
CA2965445A 2014-10-24 2015-10-26 Transaction messaging Active CA2965445C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CA3186475A CA3186475A1 (en) 2014-10-24 2015-10-26 Transaction messaging

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
GBGB1419016.9A GB201419016D0 (en) 2014-10-24 2014-10-24 Transaction Messaging
GB1419016.9 2014-10-24
PCT/GB2015/053200 WO2016063089A1 (en) 2014-10-24 2015-10-26 Transaction messaging

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CA3186475A Division CA3186475A1 (en) 2014-10-24 2015-10-26 Transaction messaging

Publications (2)

Publication Number Publication Date
CA2965445A1 CA2965445A1 (en) 2016-04-28
CA2965445C true CA2965445C (en) 2023-03-14

Family

ID=52103400

Family Applications (2)

Application Number Title Priority Date Filing Date
CA3186475A Pending CA3186475A1 (en) 2014-10-24 2015-10-26 Transaction messaging
CA2965445A Active CA2965445C (en) 2014-10-24 2015-10-26 Transaction messaging

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CA3186475A Pending CA3186475A1 (en) 2014-10-24 2015-10-26 Transaction messaging

Country Status (9)

Country Link
US (3) US10769628B2 (en)
EP (2) EP3822891A1 (en)
KR (2) KR102613422B1 (en)
CN (2) CN107077670B (en)
AU (2) AU2015334634B2 (en)
CA (2) CA3186475A1 (en)
GB (1) GB201419016D0 (en)
MX (1) MX2017005313A (en)
WO (1) WO2016063089A1 (en)

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9105027B2 (en) 2009-05-15 2015-08-11 Visa International Service Association Verification of portable consumer device for secure services
US10846683B2 (en) 2009-05-15 2020-11-24 Visa International Service Association Integration of verification tokens with mobile communication devices
US10282724B2 (en) 2012-03-06 2019-05-07 Visa International Service Association Security system incorporating mobile device
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US9591479B1 (en) * 2016-04-14 2017-03-07 Wickr Inc. Secure telecommunications
AU2016403734B2 (en) 2016-04-19 2022-11-17 Visa International Service Association Systems and methods for performing push transactions
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
EP3466017B1 (en) 2016-06-03 2021-05-19 Visa International Service Association Subtoken management system for connected devices
US11494765B2 (en) 2017-05-11 2022-11-08 Visa International Service Association Secure remote transaction system using mobile devices
GB2565053A (en) * 2017-07-28 2019-02-06 Streeva Ltd Key generation in secure electronic payment systems
CN111819555A (en) 2018-03-07 2020-10-23 维萨国际服务协会 Secure remote token issuance with online authentication
CN109377215B (en) 2018-08-06 2020-04-21 阿里巴巴集团控股有限公司 Block chain transaction method and device and electronic equipment
EP3837651A1 (en) * 2018-08-17 2021-06-23 Visa International Service Association Techniques for securely communicating sensitive data
CN112740207A (en) 2018-08-22 2021-04-30 维萨国际服务协会 Method and system for token provisioning and processing
EP4462338A1 (en) 2018-10-08 2024-11-13 Visa International Service Association Techniques for token proximity transactions
CN112840594A (en) * 2018-10-15 2021-05-25 维萨国际服务协会 Techniques for securely communicating sensitive data for disparate data messages
EP3881258B1 (en) 2018-11-14 2024-09-04 Visa International Service Association Cloud token provisioning of multiple tokens
JP6756041B2 (en) 2018-11-27 2020-09-16 アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited Information protection systems and methods
US10726657B2 (en) 2018-11-27 2020-07-28 Alibaba Group Holding Limited System and method for information protection
US11127002B2 (en) 2018-11-27 2021-09-21 Advanced New Technologies Co., Ltd. System and method for information protection
US10700850B2 (en) 2018-11-27 2020-06-30 Alibaba Group Holding Limited System and method for information protection
SG11201903425PA (en) 2018-11-27 2019-05-30 Alibaba Group Holding Ltd System and method for information protection
EP3866382B1 (en) 2018-11-27 2023-06-21 Advanced New Technologies Co., Ltd. System and method for information protection
US11849042B2 (en) 2019-05-17 2023-12-19 Visa International Service Association Virtual access credential interaction system and method
US11868981B2 (en) * 2019-08-02 2024-01-09 Mastercard International Incorporated System and method to support payment acceptance capability for merchants

Family Cites Families (489)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5280527A (en) 1992-04-14 1994-01-18 Kamahira Safe Co., Inc. Biometric token for authorizing access to a host system
US5613012A (en) 1994-11-28 1997-03-18 Smarttouch, Llc. Tokenless identification system for authorization of electronic transactions and electronic transmissions
US5781438A (en) 1995-12-19 1998-07-14 Pitney Bowes Inc. Token generation process in an open metering system
US6044360A (en) 1996-04-16 2000-03-28 Picciallo; Michael J. Third party credit card
US5930767A (en) 1997-05-28 1999-07-27 Motorola, Inc. Transaction methods systems and devices
US5913203A (en) 1996-10-03 1999-06-15 Jaesent Inc. System and method for pseudo cash transactions
US5953710A (en) 1996-10-09 1999-09-14 Fleming; Stephen S. Children's credit or debit card system
GB9624127D0 (en) 1996-11-20 1997-01-08 British Telecomm Transaction system
US5949044A (en) 1997-06-13 1999-09-07 Walker Asset Management Limited Partnership Method and apparatus for funds and credit line transfers
US7177835B1 (en) 1997-08-28 2007-02-13 Walker Digital, Llc Method and device for generating a single-use financial account number
US6163771A (en) 1997-08-28 2000-12-19 Walker Digital, Llc Method and device for generating a single-use financial account number
US5883810A (en) 1997-09-24 1999-03-16 Microsoft Corporation Electronic online commerce card with transactionproxy number for online transactions
US6000832A (en) 1997-09-24 1999-12-14 Microsoft Corporation Electronic online commerce card with customer generated transaction proxy number for online transactions
US6014635A (en) 1997-12-08 2000-01-11 Shc Direct, Inc. System and method for providing a discount credit transaction network
US6385596B1 (en) 1998-02-06 2002-05-07 Liquid Audio, Inc. Secure online music distribution system
US6980670B1 (en) 1998-02-09 2005-12-27 Indivos Corporation Biometric tokenless electronic rewards system and method
US6636833B1 (en) 1998-03-25 2003-10-21 Obis Patents Ltd. Credit card system and method
US6422462B1 (en) 1998-03-30 2002-07-23 Morris E. Cohen Apparatus and methods for improved credit cards and credit card transactions
IL125826A (en) 1998-08-17 2001-05-20 Ur Jonathan Shem Method for preventing unauthorized use of credit cards in remote payments and an optional supplemental-code card for use therein
CA2276872A1 (en) 1998-08-28 2000-02-28 Lucent Technologies Inc. Method for protecting mobile anonymity
US8799153B2 (en) 1998-08-31 2014-08-05 Mastercard International Incorporated Systems and methods for appending supplemental payment data to a transaction message
CZ20001481A3 (en) 1998-09-04 2001-10-17 Impower, Inc. Electronic commerce with anonymous shopping and anonymous vendor shipping
US6327578B1 (en) 1998-12-29 2001-12-04 International Business Machines Corporation Four-party credit/debit payment protocol
US7184988B1 (en) * 1999-01-28 2007-02-27 Certco, Inc. Methods for operating infrastructure and applications for cryptographically-supported services
JP2000322486A (en) 1999-02-12 2000-11-24 Citibank Na Method and system for fulfilling bank card transaction
US7571139B1 (en) 1999-02-19 2009-08-04 Giordano Joseph A System and method for processing financial transactions
US6227447B1 (en) 1999-05-10 2001-05-08 First Usa Bank, Na Cardless payment system
US7194437B1 (en) 1999-05-14 2007-03-20 Amazon.Com, Inc. Computer-based funds transfer system
US7908216B1 (en) 1999-07-22 2011-03-15 Visa International Service Association Internet payment, authentication and loading system using virtual smart card
AU6229000A (en) 1999-07-26 2001-02-13 Iprivacy Llc Electronic purchase of goods over a communication network including physical delivery while securing private and personal information
US6748367B1 (en) 1999-09-24 2004-06-08 Joonho John Lee Method and system for effecting financial transactions over a public network without submission of sensitive information
AU1598101A (en) 1999-11-10 2001-06-06 Serge M. Krasnyansky On-line payment system
AU2202001A (en) 1999-12-17 2001-06-25 Chantilley Corporation Limited Secure transaction systems
US7426750B2 (en) 2000-02-18 2008-09-16 Verimatrix, Inc. Network-based content distribution system
US6453301B1 (en) 2000-02-23 2002-09-17 Sony Corporation Method of using personal device with internal biometric in conducting transactions over a network
US20010029485A1 (en) 2000-02-29 2001-10-11 E-Scoring, Inc. Systems and methods enabling anonymous credit transactions
US7865414B2 (en) 2000-03-01 2011-01-04 Passgate Corporation Method, system and computer readable medium for web site account and e-commerce management from a central location
TW550477B (en) 2000-03-01 2003-09-01 Passgate Corp Method, system and computer readable medium for Web site account and e-commerce management from a central location
US7627531B2 (en) 2000-03-07 2009-12-01 American Express Travel Related Services Company, Inc. System for facilitating a transaction
AU2001243658B2 (en) 2000-03-15 2005-12-15 Mastercard International Incorporated Method and system for secure payments over a computer network
US20100228668A1 (en) * 2000-04-11 2010-09-09 Hogan Edward J Method and System for Conducting a Transaction Using a Proximity Device and an Identifier
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US20100223186A1 (en) 2000-04-11 2010-09-02 Hogan Edward J Method and System for Conducting Secure Payments
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US8046256B2 (en) 2000-04-14 2011-10-25 American Express Travel Related Services Company, Inc. System and method for using loyalty rewards as currency
CA2305249A1 (en) 2000-04-14 2001-10-14 Branko Sarcanin Virtual safe
US20070129955A1 (en) 2000-04-14 2007-06-07 American Express Travel Related Services Company, Inc. System and method for issuing and using a loyalty point advance
US6592044B1 (en) 2000-05-15 2003-07-15 Jacob Y. Wong Anonymous electronic card for generating personal coupons useful in commercial and security transactions
US20020016749A1 (en) 2000-05-26 2002-02-07 Borecki Dennis C. Methods and systems for network based electronic purchasing system
US6891953B1 (en) 2000-06-27 2005-05-10 Microsoft Corporation Method and system for binding enhanced software features to a persona
JP2002053672A (en) 2000-08-04 2002-02-19 Toray Ind Inc Gas treatment device for resin chip
US6938019B1 (en) 2000-08-29 2005-08-30 Uzo Chijioke Chukwuemeka Method and apparatus for making secure electronic payments
US20020029193A1 (en) 2000-09-01 2002-03-07 Infospace, Inc. Method and system for facilitating the transfer of funds utilizing a telephonic identifier
US20020073045A1 (en) 2000-10-23 2002-06-13 Rubin Aviel D. Off-line generation of limited-use credit card numbers
US7996288B1 (en) 2000-11-15 2011-08-09 Iprivacy, Llc Method and system for processing recurrent consumer transactions
US20040236632A1 (en) 2000-12-07 2004-11-25 Maritzen Michael L. System and method for conducing financial transactions using a personal transaction device with vehicle-accessed, payment-gateway terminals
EP1350228A4 (en) * 2000-12-22 2008-04-16 Mei Inc Secure communications for a currency handling machine
US6931382B2 (en) 2001-01-24 2005-08-16 Cdck Corporation Payment instrument authorization technique
GB2372616A (en) 2001-02-23 2002-08-28 Hewlett Packard Co Transaction method and apparatus using two part tokens
US7292999B2 (en) 2001-03-15 2007-11-06 American Express Travel Related Services Company, Inc. Online card present transaction
US7237117B2 (en) 2001-03-16 2007-06-26 Kenneth P. Weiss Universal secure registry
EP1381987A4 (en) 2001-03-26 2010-09-22 3M Future Ltd Transaction authorisation system
US20020147913A1 (en) 2001-04-09 2002-10-10 Lun Yip William Wai Tamper-proof mobile commerce system
US7650314B1 (en) 2001-05-25 2010-01-19 American Express Travel Related Services Company, Inc. System and method for securing a recurrent billing transaction
US8060448B2 (en) 2001-05-30 2011-11-15 Jones Thomas C Late binding tokens
JP4363800B2 (en) 2001-06-11 2009-11-11 ソニー株式会社 Electronic commerce support apparatus, electronic commerce support method, and computer program
US20060237528A1 (en) 2001-07-10 2006-10-26 Fred Bishop Systems and methods for non-traditional payment
US7805378B2 (en) 2001-07-10 2010-09-28 American Express Travel Related Servicex Company, Inc. System and method for encoding information in magnetic stripe format for use in radio frequency identification transactions
US8737954B2 (en) 2001-08-21 2014-05-27 Bookit Oy Ajanvarauspalvelu Managing recurring payments from mobile terminals
US7444676B1 (en) 2001-08-29 2008-10-28 Nader Asghari-Kamrani Direct authentication and authorization system and method for trusted network of financial institutions
US7103576B2 (en) 2001-09-21 2006-09-05 First Usa Bank, Na System for providing cardless payment
US7805376B2 (en) 2002-06-14 2010-09-28 American Express Travel Related Services Company, Inc. Methods and apparatus for facilitating a transaction
US6901387B2 (en) 2001-12-07 2005-05-31 General Electric Capital Financial Electronic purchasing method and apparatus for performing the same
US7904360B2 (en) 2002-02-04 2011-03-08 Alexander William EVANS System and method for verification, authentication, and notification of a transaction
US7890393B2 (en) 2002-02-07 2011-02-15 Ebay, Inc. Method and system for completing a transaction between a customer and a merchant
AUPS087602A0 (en) 2002-03-04 2002-03-28 Ong, Yong Kin (Michael) Electronic fund transfer system
AU2003230751A1 (en) 2002-03-29 2003-10-13 Bank One, Delaware, N.A. System and process for performing purchase transaction using tokens
US20040210498A1 (en) 2002-03-29 2004-10-21 Bank One, National Association Method and system for performing purchase and other transactions using tokens with multiple chips
US20030191709A1 (en) 2002-04-03 2003-10-09 Stephen Elston Distributed payment and loyalty processing for retail and vending
GB2387253B (en) 2002-04-03 2004-02-18 Swivel Technologies Ltd System and method for secure credit and debit card transactions
US7707120B2 (en) 2002-04-17 2010-04-27 Visa International Service Association Mobile account authentication service
WO2003091849A2 (en) 2002-04-23 2003-11-06 The Clearing House Service Company L.L.C. Payment identification code system
US8412623B2 (en) 2002-07-15 2013-04-02 Citicorp Credit Services, Inc. Method and system for a multi-purpose transactional platform
US7209561B1 (en) 2002-07-19 2007-04-24 Cybersource Corporation System and method for generating encryption seed values
US20040127256A1 (en) 2002-07-30 2004-07-01 Scott Goldthwaite Mobile device equipped with a contactless smart card reader/writer
US7606560B2 (en) 2002-08-08 2009-10-20 Fujitsu Limited Authentication services using mobile device
US7801826B2 (en) 2002-08-08 2010-09-21 Fujitsu Limited Framework and system for purchasing of goods and services
US7353382B2 (en) 2002-08-08 2008-04-01 Fujitsu Limited Security framework and protocol for universal pervasive transactions
US6805287B2 (en) 2002-09-12 2004-10-19 American Express Travel Related Services Company, Inc. System and method for converting a stored value card to a credit card
EP1579298A4 (en) 2002-11-05 2006-08-09 Aaron Whiteman Remote purchasing system and method
JP2006508471A (en) 2002-11-27 2006-03-09 アールエスエイ セキュリティー インク Identification and authentication system and method
GB2396472A (en) 2002-12-18 2004-06-23 Ncr Int Inc System for cash withdrawal
US7827101B2 (en) 2003-01-10 2010-11-02 First Data Corporation Payment system clearing for transactions
TW200412524A (en) 2003-01-15 2004-07-16 Lee Fung Chi A small amount paying/receiving system
US20040193891A1 (en) * 2003-03-31 2004-09-30 Juha Ollila Integrity check value for WLAN pseudonym
US8082210B2 (en) 2003-04-29 2011-12-20 The Western Union Company Authentication for online money transfers
US20070038867A1 (en) 2003-06-02 2007-02-15 Verbauwhede Ingrid M System for biometric signal processing with hardware and software acceleration
GB0318000D0 (en) 2003-07-31 2003-09-03 Ncr Int Inc Mobile applications
US7740168B2 (en) 2003-08-18 2010-06-22 Visa U.S.A. Inc. Method and system for generating a dynamic verification value
US20050199709A1 (en) 2003-10-10 2005-09-15 James Linlor Secure money transfer between hand-held devices
US7567936B1 (en) 2003-10-14 2009-07-28 Paradox Technical Solutions Llc Method and apparatus for handling pseudo identities
US20050080730A1 (en) 2003-10-14 2005-04-14 First Data Corporation System and method for secure account transactions
US20050108178A1 (en) 2003-11-17 2005-05-19 Richard York Order risk determination
US7543739B2 (en) 2003-12-17 2009-06-09 Qsecure, Inc. Automated payment card fraud detection and location
JP5043442B2 (en) 2004-01-20 2012-10-10 金 富 黄 Bank computer account system with lock
US7584153B2 (en) 2004-03-15 2009-09-01 Qsecure, Inc. Financial transactions with dynamic card verification values
US7580898B2 (en) 2004-03-15 2009-08-25 Qsecure, Inc. Financial transactions with dynamic personal account numbers
GB0407369D0 (en) 2004-03-31 2004-05-05 British Telecomm Trust tokens
US20140019352A1 (en) 2011-02-22 2014-01-16 Visa International Service Association Multi-purpose virtual card transaction apparatuses, methods and systems
US20050269402A1 (en) 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
US20050269401A1 (en) 2004-06-03 2005-12-08 Tyfone, Inc. System and method for securing financial transactions
US8412837B1 (en) 2004-07-08 2013-04-02 James A. Roskind Data privacy
US7264154B2 (en) 2004-07-12 2007-09-04 Harris David N System and method for securing a credit account
US7287692B1 (en) 2004-07-28 2007-10-30 Cisco Technology, Inc. System and method for securing transactions in a contact center environment
GB0420409D0 (en) 2004-09-14 2004-10-20 Waterleaf Ltd Online commercial transaction system and method of operation thereof
US7051929B2 (en) 2004-10-18 2006-05-30 Gongling Li Secure credit card having daily changed security number
US7548889B2 (en) 2005-01-24 2009-06-16 Microsoft Corporation Payment information security for multi-merchant purchasing environment for downloadable products
US7849020B2 (en) 2005-04-19 2010-12-07 Microsoft Corporation Method and apparatus for network transactions
SG161290A1 (en) 2005-04-19 2010-05-27 Microsoft Corp Network commercial transactions
US20060235795A1 (en) 2005-04-19 2006-10-19 Microsoft Corporation Secure network commercial transactions
US7793851B2 (en) 2005-05-09 2010-09-14 Dynamics Inc. Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US20080035738A1 (en) 2005-05-09 2008-02-14 Mullen Jeffrey D Dynamic credit card with magnetic stripe and embedded encoder and methods for using the same to provide a copy-proof credit card
US7731086B2 (en) 2005-06-10 2010-06-08 American Express Travel Related Services Company, Inc. System and method for mass transit merchant payment
EP1908006A4 (en) 2005-07-15 2011-04-06 Revolution Money Inc System and method for establishment of rules governing child accounts
US8762263B2 (en) * 2005-09-06 2014-06-24 Visa U.S.A. Inc. System and method for secured account numbers in proximity devices
KR20080059617A (en) * 2005-10-05 2008-06-30 프리바스피어 아게 Method and devices for user authentication
US8352376B2 (en) 2005-10-11 2013-01-08 Amazon Technologies, Inc. System and method for authorization of transactions
US8205791B2 (en) 2005-10-11 2012-06-26 National Payment Card Association Payment system and methods
US7853995B2 (en) 2005-11-18 2010-12-14 Microsoft Corporation Short-lived certificate authority service
US20070136193A1 (en) 2005-12-13 2007-06-14 Bellsouth Intellectual Property Corporation Methods, transactional cards, and systems using account identifers customized by the account holder
US8352323B2 (en) 2007-11-30 2013-01-08 Blaze Mobile, Inc. Conducting an online payment transaction using an NFC enabled mobile communication device
US8275312B2 (en) 2005-12-31 2012-09-25 Blaze Mobile, Inc. Induction triggered transactions using an external NFC device
US20070170247A1 (en) 2006-01-20 2007-07-26 Maury Samuel Friedman Payment card authentication system and method
US20070179885A1 (en) 2006-01-30 2007-08-02 Cpni Inc. Method and system for authorizing a funds transfer or payment using a phone number
WO2007145687A1 (en) 2006-02-21 2007-12-21 Weiss Kenneth P Method and apparatus for secure access payment and identification
US8234220B2 (en) 2007-02-21 2012-07-31 Weiss Kenneth P Universal secure registry
AU2007223334B2 (en) 2006-03-02 2012-07-12 Visa International Service Association Method and system for performing two factor authentication in mail order and telephone order transactions
US8225385B2 (en) 2006-03-23 2012-07-17 Microsoft Corporation Multiple security token transactions
US7818264B2 (en) 2006-06-19 2010-10-19 Visa U.S.A. Inc. Track data encryption
US9065643B2 (en) 2006-04-05 2015-06-23 Visa U.S.A. Inc. System and method for account identifier obfuscation
US20070245414A1 (en) 2006-04-14 2007-10-18 Microsoft Corporation Proxy Authentication and Indirect Certificate Chaining
WO2007148234A2 (en) 2006-04-26 2007-12-27 Yosef Shaked System and method for authenticating a customer's identity and completing a secure credit card transaction without the use of a credit card number
US20070291995A1 (en) 2006-06-09 2007-12-20 Rivera Paul G System, Method, and Apparatus for Preventing Identity Fraud Associated With Payment and Identity Cards
NZ547903A (en) * 2006-06-14 2008-03-28 Fronde Anywhere Ltd A method of generating an authentication token and a method of authenticating an online transaction
US20080015988A1 (en) 2006-06-28 2008-01-17 Gary Brown Proxy card authorization system
US10019708B2 (en) 2006-08-25 2018-07-10 Amazon Technologies, Inc. Utilizing phrase tokens in transactions
US7469151B2 (en) 2006-09-01 2008-12-23 Vivotech, Inc. Methods, systems and computer program products for over the air (OTA) provisioning of soft cards on devices with wireless communications capabilities
US20080228646A1 (en) 2006-10-04 2008-09-18 Myers James R Method and system for managing a non-changing payment card account number
AT506775A2 (en) 2006-11-16 2009-11-15 Net 1 Ueps Technologies Inc SECURED FINANCIAL TRANSACTIONS
US7848980B2 (en) 2006-12-26 2010-12-07 Visa U.S.A. Inc. Mobile payment system and method using alias
US20090006262A1 (en) 2006-12-30 2009-01-01 Brown Kerry D Financial transaction payment processor
US7841539B2 (en) 2007-02-15 2010-11-30 Alfred Hewton Smart card with random temporary account number generation
US20080201264A1 (en) 2007-02-17 2008-08-21 Brown Kerry D Payment card financial transaction authenticator
US20080243702A1 (en) 2007-03-30 2008-10-02 Ricoh Company, Ltd. Tokens Usable in Value-Based Transactions
US7938318B2 (en) 2007-04-03 2011-05-10 Intellectual Ventures Holding 32 Llc System and method for controlling secured transaction using directionally coded account identifiers
US7896238B2 (en) 2007-04-03 2011-03-01 Intellectual Ventures Holding 32 Llc Secured transaction using color coded account identifiers
EP2149084B1 (en) 2007-04-17 2019-03-27 Visa U.S.A. Inc. Method and system for authenticating a party to a transaction
US7959076B1 (en) 2007-04-26 2011-06-14 United Services Automobile Association (Usaa) Secure card
US8109436B1 (en) 2007-04-26 2012-02-07 United Services Automobile Association (Usaa) Secure card
US7784685B1 (en) 2007-04-26 2010-08-31 United Services Automobile Association (Usaa) Secure card
US7841523B2 (en) 2007-05-17 2010-11-30 Shift4 Corporation Secure payment card transactions
ES2748847T3 (en) 2007-05-17 2020-03-18 Shift4 Corp Secure payment card transactions
US7891563B2 (en) 2007-05-17 2011-02-22 Shift4 Corporation Secure payment card transactions
US7770789B2 (en) 2007-05-17 2010-08-10 Shift4 Corporation Secure payment card transactions
US7971261B2 (en) 2007-06-12 2011-06-28 Microsoft Corporation Domain management for digital media
US7739169B2 (en) 2007-06-25 2010-06-15 Visa U.S.A. Inc. Restricting access to compromised account information
US8121942B2 (en) 2007-06-25 2012-02-21 Visa U.S.A. Inc. Systems and methods for secure and transparent cardless transactions
JP2009015548A (en) 2007-07-04 2009-01-22 Omron Corp Drive assisting device and method, and program
US8326758B2 (en) 2007-08-06 2012-12-04 Enpulz, L.L.C. Proxy card representing many monetary sources from a plurality of vendors
US8494959B2 (en) 2007-08-17 2013-07-23 Emc Corporation Payment card with dynamic account number
US7849014B2 (en) 2007-08-29 2010-12-07 American Express Travel Related Services Company, Inc. System and method for facilitating a financial transaction with a dynamically generated identifier
US9070129B2 (en) 2007-09-04 2015-06-30 Visa U.S.A. Inc. Method and system for securing data fields
US7937324B2 (en) 2007-09-13 2011-05-03 Visa U.S.A. Inc. Account permanence
US9747598B2 (en) 2007-10-02 2017-08-29 Iii Holdings 1, Llc Dynamic security code push
US8095113B2 (en) 2007-10-17 2012-01-10 First Data Corporation Onetime passwords for smart chip cards
US20090106160A1 (en) 2007-10-19 2009-04-23 First Data Corporation Authorizations for mobile contactless payment transactions
CN101425894B (en) 2007-10-30 2012-03-21 阿里巴巴集团控股有限公司 Service implementing system and method
US8249985B2 (en) 2007-11-29 2012-08-21 Bank Of America Corporation Sub-account mechanism
US20090157555A1 (en) 2007-12-12 2009-06-18 American Express Travel Related Services Company, Bill payment system and method
US8117129B2 (en) 2007-12-21 2012-02-14 American Express Travel Related Services Company, Inc. Systems, methods and computer program products for performing mass transit merchant transactions
US10169692B2 (en) 2007-12-24 2019-01-01 Dynamics Inc. Credit, security, debit cards and the like with buttons
US8224702B2 (en) 2007-12-28 2012-07-17 Ebay, Inc. Systems and methods for facilitating financial transactions over a network
WO2009089099A1 (en) 2008-01-04 2009-07-16 M2 International Ltd. Dynamic card verification value
FR2926938B1 (en) 2008-01-28 2010-03-19 Paycool Dev METHOD OF AUTHENTICATING AND SIGNING A USER TO AN APPLICATION SERVICE USING A MOBILE PHONE AS A SECOND FACTOR IN COMPLEMENT AND INDEPENDENTLY OF A FIRST FACTOR
US8255971B1 (en) 2008-03-03 2012-08-28 Jpmorgan Chase Bank, N.A. Authentication system and method
US20140250001A1 (en) * 2010-12-14 2014-09-04 Giftya Llc System and method for processing gifts between different payment account types
US8578176B2 (en) 2008-03-26 2013-11-05 Protegrity Corporation Method and apparatus for tokenization of sensitive sets of characters
US20090248583A1 (en) 2008-03-31 2009-10-01 Jasmeet Chhabra Device, system, and method for secure online transactions
US20090327131A1 (en) 2008-04-29 2009-12-31 American Express Travel Related Services Company, Inc. Dynamic account authentication using a mobile device
US20090276347A1 (en) 2008-05-01 2009-11-05 Kargman James B Method and apparatus for use of a temporary financial transaction number or code
US9715709B2 (en) 2008-05-09 2017-07-25 Visa International Services Association Communication device including multi-part alias identifier
US8651374B2 (en) 2008-06-02 2014-02-18 Sears Brands, L.L.C. System and method for payment card industry enterprise account number elimination
US20090307140A1 (en) 2008-06-06 2009-12-10 Upendra Mardikar Mobile device over-the-air (ota) registration and point-of-sale (pos) payment
US8898089B2 (en) 2008-06-24 2014-11-25 Visa U.S.A. Inc. Dynamic verification value system and method
US9269010B2 (en) 2008-07-14 2016-02-23 Jumio Inc. Mobile phone payment system using integrated camera credit card reader
US8090650B2 (en) 2008-07-24 2012-01-03 At&T Intellectual Property I, L.P. Secure payment service and system for interactive voice response (IVR) systems
US8219489B2 (en) 2008-07-29 2012-07-10 Visa U.S.A. Inc. Transaction processing using a global unique identifier
US9053474B2 (en) 2008-08-04 2015-06-09 At&T Mobility Ii Llc Systems and methods for handling point-of-sale transactions using a mobile device
US8281991B2 (en) 2008-08-07 2012-10-09 Visa U.S.A. Inc. Transaction secured in an untrusted environment
US8403211B2 (en) 2008-09-04 2013-03-26 Metabank System, program product and methods for retail activation and reload associated with partial authorization transactions
EP2329632B1 (en) 2008-09-29 2018-10-24 Nokia Technologies Oy Hiding a device identity
US8965811B2 (en) * 2008-10-04 2015-02-24 Mastercard International Incorporated Methods and systems for using physical payment cards in secure E-commerce transactions
US20100094755A1 (en) 2008-10-09 2010-04-15 Nelnet Business Solutions, Inc. Providing payment data tokens for online transactions utilizing hosted inline frames
US20100106644A1 (en) 2008-10-23 2010-04-29 Diversinet Corp. System and Method for Authorizing Transactions Via Mobile Devices
US8126449B2 (en) 2008-11-13 2012-02-28 American Express Travel Related Services Company, Inc. Servicing attributes on a mobile device
US8196813B2 (en) 2008-12-03 2012-06-12 Ebay Inc. System and method to allow access to a value holding account
US8838503B2 (en) 2008-12-08 2014-09-16 Ebay Inc. Unified identity verification
US8060449B1 (en) 2009-01-05 2011-11-15 Sprint Communications Company L.P. Partially delegated over-the-air provisioning of a secure element
US10354321B2 (en) 2009-01-22 2019-07-16 First Data Corporation Processing transactions with an extended application ID and dynamic cryptograms
US10037524B2 (en) 2009-01-22 2018-07-31 First Data Corporation Dynamic primary account number (PAN) and unique key per card
US8606638B2 (en) 2009-03-02 2013-12-10 First Data Corporation Systems, methods and apparatus for facilitating transactions using a mobile device
US20100235284A1 (en) 2009-03-13 2010-09-16 Gidah, Inc. Method and systems for generating and using tokens in a transaction handling system
US8595098B2 (en) 2009-03-18 2013-11-26 Network Merchants, Inc. Transmission of sensitive customer information during electronic-based transactions
US8567670B2 (en) 2009-03-27 2013-10-29 Intersections Inc. Dynamic card verification values and credit transactions
US8584251B2 (en) 2009-04-07 2013-11-12 Princeton Payment Solutions Token-based payment processing system
US20100258620A1 (en) 2009-04-10 2010-10-14 Denise Torreyson Methods and systems for linking multiple accounts
JP5547803B2 (en) 2009-04-16 2014-07-16 テレフオンアクチーボラゲット エル エム エリクソン(パブル) Method, server, and computer program for sending a message to a secure element
WO2010126509A2 (en) 2009-04-30 2010-11-04 Donald Michael Cardina Systems and methods for randomized mobile payment
US8725122B2 (en) 2009-05-13 2014-05-13 First Data Corporation Systems and methods for providing trusted service management services
US8534564B2 (en) 2009-05-15 2013-09-17 Ayman Hammad Integration of verification tokens with mobile communication devices
US10140598B2 (en) 2009-05-20 2018-11-27 Visa International Service Association Device including encrypted data for expiration date and verification value creation
US20100306076A1 (en) 2009-05-29 2010-12-02 Ebay Inc. Trusted Integrity Manager (TIM)
US8231055B2 (en) 2009-10-13 2012-07-31 Square, Inc. Systems and methods for decoding card swipe signals
TWI402775B (en) 2009-07-16 2013-07-21 Mxtran Inc Financial transaction system, automated teller machine (atm), and method for operating an atm
US8504475B2 (en) 2009-08-10 2013-08-06 Visa International Service Association Systems and methods for enrolling users in a payment service
US8818882B2 (en) 2009-08-24 2014-08-26 Visa International Service Association Alias identity and reputation validation engine
US20110083018A1 (en) 2009-10-06 2011-04-07 Validity Sensors, Inc. Secure User Authentication
US8447699B2 (en) 2009-10-13 2013-05-21 Qualcomm Incorporated Global secure service provider directory
AU2010306566B2 (en) 2009-10-16 2015-12-10 Visa International Service Association Anti-phishing system and method including list with user data
US20110246317A1 (en) 2009-10-23 2011-10-06 Apriva, Llc System and device for facilitating a transaction through use of a proxy account code
US8296568B2 (en) * 2009-10-27 2012-10-23 Google Inc. Systems and methods for authenticating an electronic transaction
US8433116B2 (en) 2009-11-03 2013-04-30 Mela Sciences, Inc. Showing skin lesion information
US9633351B2 (en) 2009-11-05 2017-04-25 Visa International Service Association Encryption switch processing
US20110270751A1 (en) 2009-12-14 2011-11-03 Andrew Csinger Electronic commerce system and system and method for establishing a trusted session
US8595812B2 (en) 2009-12-18 2013-11-26 Sabre Inc. Tokenized data security
US10255591B2 (en) 2009-12-18 2019-04-09 Visa International Service Association Payment channel returning limited use proxy dynamic value
US9324066B2 (en) 2009-12-21 2016-04-26 Verizon Patent And Licensing Inc. Method and system for providing virtual credit card services
US8788429B2 (en) 2009-12-30 2014-07-22 First Data Corporation Secure transaction management
WO2011088109A2 (en) 2010-01-12 2011-07-21 Visa International Service Association Anytime validation for verification tokens
RU2698767C2 (en) 2010-01-19 2019-08-29 Виза Интернэшнл Сервис Ассосиэйшн Remote variable authentication processing
EP2526517B1 (en) 2010-01-19 2018-08-08 Visa International Service Association Token based transaction authentication
US8615468B2 (en) 2010-01-27 2013-12-24 Ca, Inc. System and method for generating a dynamic card value
CN102714606B (en) 2010-01-31 2015-09-02 惠普发展公司,有限责任合伙企业 For the method and system of the management of the traffic data through sampling
US9501773B2 (en) 2010-02-02 2016-11-22 Xia Dai Secured transaction system
US8510816B2 (en) 2010-02-25 2013-08-13 Secureauth Corporation Security device provisioning
US8458487B1 (en) 2010-03-03 2013-06-04 Liaison Technologies, Inc. System and methods for format preserving tokenization of sensitive information
US9245267B2 (en) 2010-03-03 2016-01-26 Visa International Service Association Portable account number for consumer payment account
CN102947846A (en) 2010-03-07 2013-02-27 吉尔巴科公司 Fuel dispenser payment system and method
PL390674A1 (en) * 2010-03-10 2011-09-12 Telecash Spółka Z Ograniczoną Odpowiedzialnością Method for realization of the payment transaction using a personal mobile device and personal mobile device system
US8533860B1 (en) 2010-03-21 2013-09-10 William Grecia Personalized digital media access system—PDMAS part II
US8402555B2 (en) 2010-03-21 2013-03-19 William Grecia Personalized digital media access system (PDMAS)
US8887308B2 (en) 2010-03-21 2014-11-11 William Grecia Digital cloud access (PDMAS part III)
US20110238573A1 (en) 2010-03-25 2011-09-29 Computer Associates Think, Inc. Cardless atm transaction method and system
US8380177B2 (en) 2010-04-09 2013-02-19 Paydiant, Inc. Mobile phone payment processing methods and systems
US8336088B2 (en) 2010-04-19 2012-12-18 Visa International Service Association Alias management and value transfer claim processing
CN102939613A (en) 2010-06-04 2013-02-20 维萨国际服务协会 Payment tokenization apparatuses, methods and systems
US8442914B2 (en) 2010-07-06 2013-05-14 Mastercard International Incorporated Virtual wallet account with automatic-loading
US8571939B2 (en) 2010-07-07 2013-10-29 Toshiba Global Commerce Solutions Holdings Corporation Two phase payment link and authorization for mobile devices
US8453226B2 (en) 2010-07-16 2013-05-28 Visa International Service Association Token validation for advanced authorization
US8635157B2 (en) 2010-07-19 2014-01-21 Payme, Inc. Mobile system and method for payments and non-financial transactions
US20120028609A1 (en) 2010-07-27 2012-02-02 John Hruska Secure financial transaction system using a registered mobile device
US9342832B2 (en) 2010-08-12 2016-05-17 Visa International Service Association Securing external systems with account token substitution
CN101938520B (en) 2010-09-07 2015-01-28 中兴通讯股份有限公司 Mobile terminal signature-based remote payment system and method
US20120066078A1 (en) 2010-09-10 2012-03-15 Bank Of America Corporation Overage service using overage passcode
US8898086B2 (en) 2010-09-27 2014-11-25 Fidelity National Information Services Systems and methods for transmitting financial account information
US9558481B2 (en) 2010-09-28 2017-01-31 Barclays Bank Plc Secure account provisioning
US20120095852A1 (en) 2010-10-15 2012-04-19 John Bauer Method and system for electronic wallet access
US20120095865A1 (en) 2010-10-15 2012-04-19 Ezpayy, Inc. System And Method For Mobile Electronic Purchasing
US10176477B2 (en) 2010-11-16 2019-01-08 Mastercard International Incorporated Methods and systems for universal payment account translation
US8577336B2 (en) 2010-11-18 2013-11-05 Mobilesphere Holdings LLC System and method for transaction authentication using a mobile communication device
WO2012073014A1 (en) 2010-11-29 2012-06-07 Mobay Technologies Limited A system for verifying electronic transactions
US9141945B2 (en) 2010-12-02 2015-09-22 Appmobi Iplc, Inc. Secure distributed single action payment system
US20120143754A1 (en) 2010-12-03 2012-06-07 Narendra Patel Enhanced credit card security apparatus and method
US8762284B2 (en) 2010-12-16 2014-06-24 Democracyontheweb, Llc Systems and methods for facilitating secure transactions
US8646059B1 (en) 2010-12-17 2014-02-04 Google Inc. Wallet application for interacting with a secure element application without a trusted server for authentication
WO2012085675A2 (en) 2010-12-20 2012-06-28 Eram Antonio Claudiu System, method and apparatus for mobile payments enablement and order fulfillment
US20120173431A1 (en) 2010-12-30 2012-07-05 First Data Corporation Systems and methods for using a token as a payment in a transaction
US20120185386A1 (en) 2011-01-18 2012-07-19 Bank Of America Authentication tool
WO2012098555A1 (en) 2011-01-20 2012-07-26 Google Inc. Direct carrier billing
US8725644B2 (en) 2011-01-28 2014-05-13 The Active Network, Inc. Secure online transaction processing
US20120203666A1 (en) 2011-02-09 2012-08-09 Tycoon Unlimited, Inc. Contactless wireless transaction processing system
US20120203664A1 (en) 2011-02-09 2012-08-09 Tycoon Unlimited, Inc. Contactless wireless transaction processing system
US8751381B2 (en) 2011-02-23 2014-06-10 Mastercard International Incorporated Demand deposit account payment system
AU2012223415B2 (en) 2011-02-28 2017-05-18 Visa International Service Association Secure anonymous transaction apparatuses, methods and systems
KR101895243B1 (en) 2011-03-04 2018-10-24 비자 인터네셔널 서비스 어소시에이션 Integration of payment capability into secure elements of computers
US20120233004A1 (en) 2011-03-11 2012-09-13 James Bercaw System for mobile electronic commerce
US20120231844A1 (en) 2011-03-11 2012-09-13 Apriva, Llc System and device for facilitating a transaction by consolidating sim, personal token, and associated applications for electronic wallet transactions
US20120246071A1 (en) 2011-03-21 2012-09-27 Nikhil Jain System and method for presentment of nonconfidential transaction token identifier
AU2012201745B2 (en) 2011-03-24 2014-11-13 Visa International Service Association Authentication using application authentication element
WO2012142045A2 (en) 2011-04-11 2012-10-18 Visa International Service Association Multiple tokenization for authentication
US9256874B2 (en) 2011-04-15 2016-02-09 Shift4 Corporation Method and system for enabling merchants to share tokens
US9818111B2 (en) 2011-04-15 2017-11-14 Shift4 Corporation Merchant-based token sharing
EP2697756A4 (en) 2011-04-15 2014-09-10 Shift4 Corp Method and system for enabling merchants to share tokens
US8688589B2 (en) 2011-04-15 2014-04-01 Shift4 Corporation Method and system for utilizing authorization factor pools
WO2012145530A2 (en) 2011-04-20 2012-10-26 Visa International Service Association Managing electronic tokens in a transaction processing system
US20130110658A1 (en) 2011-05-05 2013-05-02 Transaction Network Services, Inc. Systems and methods for enabling mobile payments
US20130204793A1 (en) 2011-05-17 2013-08-08 Kevin S. Kerridge Smart communication device secured electronic payment system
US9154477B2 (en) 2011-05-26 2015-10-06 First Data Corporation Systems and methods for encrypting mobile device communications
US8943574B2 (en) 2011-05-27 2015-01-27 Vantiv, Llc Tokenizing sensitive data
US8868902B1 (en) * 2013-07-01 2014-10-21 Cryptite LLC Characteristically shaped colorgram tokens in mobile transactions
US10395256B2 (en) 2011-06-02 2019-08-27 Visa International Service Association Reputation management in a transaction processing system
US8538845B2 (en) 2011-06-03 2013-09-17 Mozido, Llc Monetary transaction system
CN103797500A (en) 2011-06-03 2014-05-14 维萨国际服务协会 Virtual wallet card selection apparatuses, methods and systems
US20120316992A1 (en) 2011-06-07 2012-12-13 Oborne Timothy W Payment privacy tokenization apparatuses, methods and systems
US10318932B2 (en) 2011-06-07 2019-06-11 Entit Software Llc Payment card processing system with structure preserving encryption
WO2012167941A1 (en) 2011-06-09 2012-12-13 Gemalto Sa Method to validate a transaction between a user and a service provider
US9355393B2 (en) 2011-08-18 2016-05-31 Visa International Service Association Multi-directional wallet connector apparatuses, methods and systems
US9639828B2 (en) 2011-07-15 2017-05-02 Visa International Service Association Method and system for hosted order page/silent order post plus fraud detection
US9704155B2 (en) 2011-07-29 2017-07-11 Visa International Service Association Passing payment tokens through an hop/sop
US20130054412A1 (en) 2011-08-22 2013-02-28 American Express Travel Related Services Company, Inc. Methods and systems for contactless payments for online ecommerce checkout
AP2014007523A0 (en) 2011-08-23 2014-03-31 Visa Int Service Ass Mobile funding method and system
US20130226799A1 (en) 2011-08-23 2013-08-29 Thanigaivel Ashwin Raj Authentication process for value transfer machine
EP2751754A4 (en) 2011-08-30 2015-06-03 C Douglas Yeager Systems and methods for authorizing a transaction with an unexpected cryptogram
US20130339253A1 (en) 2011-08-31 2013-12-19 Dan Moshe Sincai Mobile Device Based Financial Transaction System
US8171525B1 (en) 2011-09-15 2012-05-01 Google Inc. Enabling users to select between secure service providers using a central trusted service manager
US8838982B2 (en) 2011-09-21 2014-09-16 Visa International Service Association Systems and methods to secure user identification
US8453223B2 (en) 2011-09-23 2013-05-28 Jerome Svigals Method, device and system for secure transactions
WO2013048538A1 (en) 2011-10-01 2013-04-04 Intel Corporation Cloud based credit card emulation
IN2014KN00998A (en) * 2011-10-12 2015-09-04 C Sam Inc
US9229964B2 (en) 2011-10-27 2016-01-05 Visa International Business Machines Corporation Database cloning and migration for quality assurance
KR101826275B1 (en) 2011-11-01 2018-02-06 구글 엘엘씨 Systems, methods, and computer program products for interfacing multiple service provider trusted service managers and secure elements
US9830596B2 (en) 2011-11-01 2017-11-28 Stripe, Inc. Method for conducting a transaction between a merchant site and a customer's electronic device without exposing payment information to a server-side application of the merchant site
US9165321B1 (en) 2011-11-13 2015-10-20 Google Inc. Optimistic receipt flow
US20130124364A1 (en) 2011-11-13 2013-05-16 Millind Mittal System and method of electronic payment using payee provided transaction identification codes
WO2013086048A1 (en) 2011-12-05 2013-06-13 Visa International Service Association Dynamic network analytic system
US8972719B2 (en) 2011-12-06 2015-03-03 Wwpass Corporation Passcode restoration
US8555079B2 (en) 2011-12-06 2013-10-08 Wwpass Corporation Token management
US8656180B2 (en) 2011-12-06 2014-02-18 Wwpass Corporation Token activation
US20130159178A1 (en) 2011-12-14 2013-06-20 Firethorn Mobile, Inc. System and Method For Loading A Virtual Token Managed By A Mobile Wallet System
US20130159184A1 (en) 2011-12-15 2013-06-20 Visa International Service Association System and method of using load network to associate product or service with a consumer token
US20130159195A1 (en) * 2011-12-16 2013-06-20 Rawllin International Inc. Authentication of devices
US20140040139A1 (en) 2011-12-19 2014-02-06 Sequent Software, Inc. System and method for dynamic temporary payment authorization in a portable communication device
WO2013096606A1 (en) 2011-12-21 2013-06-27 Mastercard International Incorporated Methods and systems for providing a payment account with adaptive interchange
US9077769B2 (en) 2011-12-29 2015-07-07 Blackberry Limited Communications system providing enhanced trusted service manager (TSM) verification features and related methods
US20130254117A1 (en) 2011-12-30 2013-09-26 Clay W. von Mueller Secured transaction system and method
US8566168B1 (en) 2012-01-05 2013-10-22 Sprint Communications Company L.P. Electronic payment using a proxy account number stored in a secure element
RU2631983C2 (en) 2012-01-05 2017-09-29 Виза Интернэшнл Сервис Ассосиэйшн Data protection with translation
US9799027B2 (en) 2012-01-19 2017-10-24 Mastercard International Incorporated System and method to enable a network of digital wallets
US9830595B2 (en) 2012-01-26 2017-11-28 Visa International Service Association System and method of providing tokenization as a service
US10643191B2 (en) 2012-01-27 2020-05-05 Visa International Service Association Mobile services remote deposit capture
US8595850B2 (en) 2012-01-30 2013-11-26 Voltage Security, Inc. System for protecting sensitive data with distributed tokenization
WO2013116726A1 (en) 2012-02-03 2013-08-08 Ebay Inc. Adding card to mobile wallet using nfc
EP2624190A1 (en) 2012-02-03 2013-08-07 Pieter Dubois Authentication of payment transactions using an alias
US8893250B2 (en) 2012-02-10 2014-11-18 Protegrity Corporation Tokenization in mobile environments
US20130212017A1 (en) 2012-02-14 2013-08-15 N.B. Development Services Inc. Transaction system and method of conducting a transaction
US20130226813A1 (en) 2012-02-23 2013-08-29 Robert Matthew Voltz Cyberspace Identification Trust Authority (CITA) System and Method
US20130246199A1 (en) 2012-03-14 2013-09-19 Mark Carlson Point-of-transaction account feature redirection apparatuses, methods and systems
US20130246267A1 (en) 2012-03-15 2013-09-19 Ebay Inc. Systems, Methods, and Computer Program Products for Using Proxy Accounts
US9105021B2 (en) 2012-03-15 2015-08-11 Ebay, Inc. Systems, methods, and computer program products for using proxy accounts
US20130246259A1 (en) 2012-03-15 2013-09-19 Firethorn Mobile, Inc. System and method for managing payment in transactions with a pcd
US9092776B2 (en) 2012-03-15 2015-07-28 Qualcomm Incorporated System and method for managing payment in transactions with a PCD
US20130254102A1 (en) 2012-03-20 2013-09-26 First Data Corporation Systems and Methods for Distributing Tokenization and De-Tokenization Services
US9818098B2 (en) 2012-03-20 2017-11-14 First Data Corporation Systems and methods for facilitating payments via a peer-to-peer protocol
US20130254028A1 (en) 2012-03-22 2013-09-26 Corbuss Kurumsal Telekom Hizmetleri A.S. System and method for conducting mobile commerce
US20130262315A1 (en) 2012-03-30 2013-10-03 John Hruska System for Secure Purchases Made by Scanning Barcode Using a Registered Mobile Phone Application Linked to a Consumer-Merchant Closed Loop Financial Proxy Account System
US10515359B2 (en) 2012-04-02 2019-12-24 Mastercard International Incorporated Systems and methods for processing mobile payments by provisioning credentials to mobile devices without secure elements
WO2013151807A1 (en) 2012-04-02 2013-10-10 Jvl Ventures, Llc Systems, methods, and computer program products for provisioning payment accounts into mobile wallets and managing events
US10528944B2 (en) 2012-04-13 2020-01-07 Mastercard International Incorporated Systems, methods, and computer readable media for conducting a transaction using cloud based credentials
CA2869208C (en) 2012-04-18 2015-11-17 Google, Inc. Processing payment transactions without a secure element
US20130282588A1 (en) 2012-04-22 2013-10-24 John Hruska Consumer, Merchant and Mobile Device Specific, Real-Time Dynamic Tokenization Activation within a Secure Mobile-Wallet Financial Transaction System
US20130297501A1 (en) 2012-05-04 2013-11-07 Justin Monk System and method for local data conversion
US10275764B2 (en) 2012-05-04 2019-04-30 Mastercard International Incorporated Transaction data tokenization
US10270587B1 (en) * 2012-05-14 2019-04-23 Citigroup Technology, Inc. Methods and systems for electronic transactions using multifactor authentication
US9521548B2 (en) 2012-05-21 2016-12-13 Nexiden, Inc. Secure registration of a mobile device for use with a session
US20130311382A1 (en) 2012-05-21 2013-11-21 Klaus S. Fosmark Obtaining information for a payment transaction
WO2013179271A2 (en) 2012-06-01 2013-12-05 Mani Venkatachalam Sthanu Subra Method and system for human assisted secure payment by phone to an insecure third-party service provider
US9524501B2 (en) 2012-06-06 2016-12-20 Visa International Service Association Method and system for correlating diverse transaction data
US20130346305A1 (en) 2012-06-26 2013-12-26 Carta Worldwide Inc. Mobile wallet payment processing
US20140007213A1 (en) 2012-06-29 2014-01-02 Wepay, Inc. Systems and methods for push notification based application authentication and authorization
US8862882B2 (en) * 2012-06-29 2014-10-14 Intel Corporation Systems and methods for authenticating devices by adding secure features to Wi-Fi tags
WO2014008403A1 (en) 2012-07-03 2014-01-09 Visa International Service Association Data protection hub
US9059972B2 (en) 2012-07-03 2015-06-16 International Business Machines Corporation Issuing, presenting and challenging mobile device identification documents
US20140025585A1 (en) 2012-07-19 2014-01-23 Bank Of America Corporation Distributing authorized tokens to conduct mobile transactions
US20140025581A1 (en) 2012-07-19 2014-01-23 Bank Of America Corporation Mobile transactions using authorized tokens
US9043609B2 (en) 2012-07-19 2015-05-26 Bank Of America Corporation Implementing security measures for authorized tokens used in mobile transactions
US9846861B2 (en) 2012-07-25 2017-12-19 Visa International Service Association Upstream and downstream data conversion
US9256871B2 (en) 2012-07-26 2016-02-09 Visa U.S.A. Inc. Configurable payment tokens
US10346838B2 (en) 2012-07-31 2019-07-09 Worldpay, Llc Systems and methods for distributed enhanced payment processing
US10339524B2 (en) 2012-07-31 2019-07-02 Worldpay, Llc Systems and methods for multi-merchant tokenization
US10152711B2 (en) 2012-07-31 2018-12-11 Worldpay, Llc Systems and methods for arbitraged enhanced payment processing
EP2885904B1 (en) 2012-08-03 2018-04-25 Vasco Data Security International GmbH User-convenient authentication method and apparatus using a mobile authentication application
US9665722B2 (en) 2012-08-10 2017-05-30 Visa International Service Association Privacy firewall
WO2014028926A1 (en) 2012-08-17 2014-02-20 Google Inc. Wireless reader and payment transaction terminal functionality
AU2013308905B2 (en) 2012-08-28 2018-12-13 Visa International Service Association Protecting assets on a device
AU2013315510B2 (en) 2012-09-11 2019-08-22 Visa International Service Association Cloud-based Virtual Wallet NFC Apparatuses, methods and systems
US9390412B2 (en) 2012-10-16 2016-07-12 Visa International Service Association Dynamic point of sale system integrated with reader device
WO2014066559A1 (en) 2012-10-23 2014-05-01 Visa International Service Association Transaction initiation determination system utilizing transaction data elements
US9911118B2 (en) 2012-11-21 2018-03-06 Visa International Service Association Device pairing via trusted intermediary
US20140164243A1 (en) 2012-12-07 2014-06-12 Christian Aabye Dynamic Account Identifier With Return Real Account Identifier
US9741051B2 (en) 2013-01-02 2017-08-22 Visa International Service Association Tokenization and third-party interaction
US20140324690A1 (en) 2013-01-11 2014-10-30 American Express Travel Related Services Company, Inc. System and method for a single digital wallet dynamic checkout tool
CN103116940A (en) * 2013-01-24 2013-05-22 东南大学 Tracking data encryption method and transmission system thereof
AU2014222351B2 (en) 2013-02-26 2016-11-17 Visa International Service Association Methods and systems for providing payment credentials
US9249241B2 (en) 2013-03-27 2016-02-02 Ut-Battelle, Llc Surface-functionalized mesoporous carbon materials
AU2014246711A1 (en) 2013-04-04 2015-10-29 Visa International Service Association Method and system for conducting pre-authorized financial transactions
US20140310183A1 (en) 2013-04-15 2014-10-16 Lance Weber Embedded acceptance system
US20140331265A1 (en) 2013-05-01 2014-11-06 Microsoft Corporation Integrated interactive television entertainment system
US11055710B2 (en) 2013-05-02 2021-07-06 Visa International Service Association Systems and methods for verifying and processing transactions using virtual currency
US20140330722A1 (en) 2013-05-02 2014-11-06 Prasanna Laxminarayanan System and method for using an account sequence identifier
US9760886B2 (en) 2013-05-10 2017-09-12 Visa International Service Association Device provisioning using partial personalization scripts
US9978062B2 (en) 2013-05-15 2018-05-22 Visa International Service Association Mobile tokenization hub
US10878422B2 (en) 2013-06-17 2020-12-29 Visa International Service Association System and method using merchant token
EP3017411A4 (en) 2013-07-02 2016-07-13 Visa Int Service Ass Payment card including user interface for use with payment card acceptance terminal
JP6371390B2 (en) 2013-07-15 2018-08-08 ビザ インターナショナル サービス アソシエーション Secure remote payment transaction processing
EP3025292A4 (en) 2013-07-24 2017-03-29 Visa International Service Association Systems and methods for interoperable network token processing
SG10201801086RA (en) 2013-08-08 2018-03-28 Visa Int Service Ass Methods and systems for provisioning mobile devices with payment credentials
US10496986B2 (en) 2013-08-08 2019-12-03 Visa International Service Association Multi-network tokenization processing
CN113011896B (en) 2013-08-15 2024-04-09 维萨国际服务协会 Secure remote payment transaction processing using secure elements
US10037082B2 (en) 2013-09-17 2018-07-31 Paypal, Inc. Physical interaction dependent transactions
AU2014321178A1 (en) 2013-09-20 2016-04-14 Visa International Service Association Secure remote payment transaction processing including consumer authentication
US20150095238A1 (en) * 2013-09-30 2015-04-02 Apple Inc. Online payments using a secure element of an electronic device
US9978094B2 (en) 2013-10-11 2018-05-22 Visa International Service Association Tokenization revocation list
RU2691843C2 (en) 2013-10-11 2019-06-18 Виза Интернэшнл Сервис Ассосиэйшн Network token system
US10515358B2 (en) 2013-10-18 2019-12-24 Visa International Service Association Contextual transaction token methods and systems
US10489779B2 (en) 2013-10-21 2019-11-26 Visa International Service Association Multi-network token bin routing with defined verification parameters
US10366387B2 (en) 2013-10-29 2019-07-30 Visa International Service Association Digital wallet system and method
US20150127529A1 (en) 2013-11-05 2015-05-07 Oleg Makhotin Methods and systems for mobile payment application selection and management using an application linker
US20150142673A1 (en) 2013-11-18 2015-05-21 Mark Nelsen Methods and systems for token request management
CN105934771B (en) 2013-11-19 2020-05-05 维萨国际服务协会 Automatic account provisioning
US20150161597A1 (en) 2013-12-09 2015-06-11 Kaushik Subramanian Transactions using temporary credential data
EP3084701B1 (en) 2013-12-19 2022-05-04 Visa International Service Association Cloud-based transactions methods and systems
US9922322B2 (en) 2013-12-19 2018-03-20 Visa International Service Association Cloud-based transactions with magnetic secure transmission
US10445718B2 (en) 2013-12-27 2019-10-15 Visa International Service Association Processing a transaction using multiple application identifiers
US10108409B2 (en) 2014-01-03 2018-10-23 Visa International Service Association Systems and methods for updatable applets
US10433128B2 (en) 2014-01-07 2019-10-01 Visa International Service Association Methods and systems for provisioning multiple devices
US20150199679A1 (en) 2014-01-13 2015-07-16 Karthikeyan Palanisamy Multiple token provisioning
US9846878B2 (en) 2014-01-14 2017-12-19 Visa International Service Association Payment account identifier system
US10013690B2 (en) * 2014-01-16 2018-07-03 Visa International Service Asssociation Systems and methods for merchant mobile acceptance
US20150220917A1 (en) 2014-02-04 2015-08-06 Christian Aabye Token verification using limited use certificates
US20150269566A1 (en) 2014-03-18 2015-09-24 Ajit Gaddam Systems and methods for locally derived tokens
US20150278799A1 (en) 2014-03-27 2015-10-01 Karthikeyan Palanisamy System incorporating wireless share process
US10026087B2 (en) 2014-04-08 2018-07-17 Visa International Service Association Data passed in an interaction
US9942043B2 (en) 2014-04-23 2018-04-10 Visa International Service Association Token security on a communication device
US10902417B2 (en) * 2014-04-29 2021-01-26 Mastercard International Incorporated Systems and methods of processing payment transactions using one-time tokens
CN106233664B (en) 2014-05-01 2020-03-13 维萨国际服务协会 Data authentication using an access device
AU2015256205B2 (en) 2014-05-05 2020-07-16 Visa International Service Association System and method for token domain control
US10706380B2 (en) 2014-05-08 2020-07-07 Visa International Service Association Split shipment processing
EP3143573A4 (en) 2014-05-13 2018-01-24 Visa International Service Association Master applet for secure remote payment processing
US11023890B2 (en) 2014-06-05 2021-06-01 Visa International Service Association Identification and verification for provisioning mobile application
CN106664206B (en) * 2014-06-18 2020-05-12 维萨国际服务协会 Efficient method for authenticated communication
US9780953B2 (en) 2014-07-23 2017-10-03 Visa International Service Association Systems and methods for secure detokenization
US10484345B2 (en) 2014-07-31 2019-11-19 Visa International Service Association System and method for identity verification across mobile applications
US9779345B2 (en) 2014-08-11 2017-10-03 Visa International Service Association Mobile device with scannable image including dynamic data
US9775029B2 (en) 2014-08-22 2017-09-26 Visa International Service Association Embedding cloud-based functionalities in a communication device
CN111756533B (en) 2014-08-29 2023-07-04 维萨国际服务协会 System, method and storage medium for secure password generation
BR112017005824A2 (en) 2014-09-26 2017-12-12 Visa Int Service Ass method and mobile device.
US11257074B2 (en) 2014-09-29 2022-02-22 Visa International Service Association Transaction risk based token
US9582267B2 (en) 2014-10-10 2017-02-28 Visa International Service Association Methods and systems for partial personalization during mobile application update
US10015147B2 (en) 2014-10-22 2018-07-03 Visa International Service Association Token enrollment system and method
GB201419016D0 (en) 2014-10-24 2014-12-10 Visa Europe Ltd Transaction Messaging
US10325261B2 (en) 2014-11-25 2019-06-18 Visa International Service Association Systems communications with non-sensitive identifiers
EP3224784A4 (en) 2014-11-26 2017-11-08 Visa International Service Association Tokenization request via access device
EP3231157B1 (en) 2014-12-12 2020-05-20 Visa International Service Association Provisioning platform for machine-to-machine devices
US10257185B2 (en) 2014-12-12 2019-04-09 Visa International Service Association Automated access data provisioning
US10096009B2 (en) 2015-01-20 2018-10-09 Visa International Service Association Secure payment processing using authorization request
EP3248165A4 (en) 2015-01-23 2018-06-13 Visa International Service Association Transaction utilizing anonymized user data
WO2016123264A1 (en) 2015-01-27 2016-08-04 Visa International Service Association Methods for secure credential provisioning
US11250391B2 (en) 2015-01-30 2022-02-15 Visa International Service Association Token check offline
US10977657B2 (en) 2015-02-09 2021-04-13 Visa International Service Association Token processing utilizing multiple authorizations
WO2016130764A1 (en) 2015-02-13 2016-08-18 Visa International Service Association Peer forward authorization of digital requests
US11068895B2 (en) 2015-02-17 2021-07-20 Visa International Service Association Token and cryptogram using transaction specific information
US20160260097A1 (en) * 2015-03-06 2016-09-08 Mastercard International Incorporated Assignment of transactions to sub-accounts in payment account system
US10164996B2 (en) 2015-03-12 2018-12-25 Visa International Service Association Methods and systems for providing a low value token buffer
US9998978B2 (en) 2015-04-16 2018-06-12 Visa International Service Association Systems and methods for processing dormant virtual access devices
US10713660B2 (en) 2015-09-15 2020-07-14 Visa International Service Association Authorization of credential on file transactions
US11068889B2 (en) 2015-10-15 2021-07-20 Visa International Service Association Instant token issuance
US11449863B2 (en) 2016-04-11 2022-09-20 Visa International Service Association Expedited E-commerce tokenization
CN108292412A (en) 2015-11-23 2018-07-17 维萨国际服务协会 The system and method that supplemental information is provided in transaction
WO2017096300A1 (en) 2015-12-04 2017-06-08 Visa International Service Association Unique code for token verification
CN108292330B (en) 2015-12-04 2023-02-28 维萨国际服务协会 Secure token distribution
WO2017120605A1 (en) 2016-01-07 2017-07-13 Visa International Service Association Systems and methods for device push provisioning
AU2017214412A1 (en) 2016-02-01 2018-06-28 Visa International Service Association Systems and methods for code display and use
US11501288B2 (en) 2016-02-09 2022-11-15 Visa International Service Association Resource provider account token provisioning and processing
US10922672B2 (en) 2016-02-12 2021-02-16 Visa International Service Association Authentication systems and methods using location matching
US10313321B2 (en) 2016-04-07 2019-06-04 Visa International Service Association Tokenization of co-network accounts
US11250424B2 (en) 2016-05-19 2022-02-15 Visa International Service Association Systems and methods for creating subtokens using primary tokens
US11068899B2 (en) 2016-06-17 2021-07-20 Visa International Service Association Token aggregation for multi-party transactions
US10361856B2 (en) 2016-06-24 2019-07-23 Visa International Service Association Unique token authentication cryptogram
CN116739570A (en) 2016-07-19 2023-09-12 维萨国际服务协会 Method for distributing tokens and managing token relationships
US10509779B2 (en) 2016-09-14 2019-12-17 Visa International Service Association Self-cleaning token vault
WO2018170404A1 (en) 2017-03-16 2018-09-20 Jpmorgan Chase Bank, N.A. Systems and methods for supporting legacy and tokenized e-commerce
US10915899B2 (en) 2017-03-17 2021-02-09 Visa International Service Association Replacing token on a multi-token user device
US20180285875A1 (en) 2017-03-31 2018-10-04 Simon Law Static token systems and methods for representing dynamic real credentials
US10902418B2 (en) 2017-05-02 2021-01-26 Visa International Service Association System and method using interaction token
US10491389B2 (en) 2017-07-14 2019-11-26 Visa International Service Association Token provisioning utilizing a secure authentication system
US12074974B2 (en) 2018-05-18 2024-08-27 Visa International Service Association Method and system for access token processing
US11256789B2 (en) 2018-06-18 2022-02-22 Visa International Service Association Recurring token transactions
WO2019246539A1 (en) 2018-06-22 2019-12-26 Visa International Service Association Secure remote transaction framework using dynamic secure checkout element

Also Published As

Publication number Publication date
AU2021203184A1 (en) 2021-06-10
AU2021203184B2 (en) 2022-11-17
GB201419016D0 (en) 2014-12-10
US10769628B2 (en) 2020-09-08
MX2017005313A (en) 2017-06-21
CN107077670B (en) 2021-06-29
US20240354756A1 (en) 2024-10-24
WO2016063089A1 (en) 2016-04-28
CA3186475A1 (en) 2016-04-28
CA2965445A1 (en) 2016-04-28
EP3210177A1 (en) 2017-08-30
US20170228728A1 (en) 2017-08-10
US12051064B2 (en) 2024-07-30
CN113344570A (en) 2021-09-03
EP3822891A1 (en) 2021-05-19
CN107077670A (en) 2017-08-18
KR102613422B1 (en) 2023-12-14
AU2015334634A1 (en) 2017-04-27
KR20230008206A (en) 2023-01-13
AU2015334634B2 (en) 2021-02-18
EP3210177B1 (en) 2020-11-25
US20200372503A1 (en) 2020-11-26
KR20170077170A (en) 2017-07-05
KR102477453B1 (en) 2022-12-14

Similar Documents

Publication Publication Date Title
AU2021203184B2 (en) Transaction messaging
US11877213B2 (en) Methods and systems for asset obfuscation
CN110692214B (en) Method and system for ownership verification using blockchain
CN107925572B (en) Secure binding of software applications to communication devices
CN106559217B (en) A kind of dynamic encrypting method, terminal, server
JP6743276B2 (en) System and method for end-to-end key management
JP2018522353A (en) Authentication system and method for server-based payment
CN112260826A (en) Method for secure credential provisioning
CN106527673A (en) Method and apparatus for binding wearable device, and electronic payment method and apparatus
JP2016533048A (en) How to secure wireless communication between a mobile application and a gateway
US20200074465A1 (en) Verification and provisioning of mobile payment applications
US20190012664A1 (en) Method and system for enhancing the security of a transaction
EP2950229B1 (en) Method for facilitating transactions, computer program product and mobile device
WO2015162276A2 (en) Secure token implementation
Oliveira Dynamic QR codes for Ticketing Systems
CN117043802A (en) System and method for secure transactions
JP2012212405A (en) Application authentication system, application authentication method, and program

Legal Events

Date Code Title Description
EEER Examination request

Effective date: 20200828

EEER Examination request

Effective date: 20200828

EEER Examination request

Effective date: 20200828

EEER Examination request

Effective date: 20200828

EEER Examination request

Effective date: 20200828